./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3183850553 <...> med>) = 0 [pid 5077] rmdir("./227" [pid 6229] <... prctl resumed>) = 0 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... rmdir resumed>) = 0 [pid 6229] setpgid(0, 0) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] mkdir("./228", 0777 [pid 6229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./229/binderfs", [pid 5077] <... openat resumed>) = 3 [pid 6229] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] unlink("./229/binderfs") = 0 [pid 6229] write(3, "1000", 4) = 4 [pid 5078] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] close(3) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./229/file0", [pid 6229] <... symlink resumed>) = 0 [pid 5080] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... close resumed>) = 0 [pid 5078] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./229/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", [pid 6229] memfd_create("syzkaller", 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6229] <... memfd_create resumed>) = 3 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6230 [pid 5078] getdents64(4, ./strace-static-x86_64: Process 6230 attached [pid 6229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6230] set_robust_list(0x555556d3f660, 24 [pid 6229] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6230] <... set_robust_list resumed>) = 0 [pid 5078] getdents64(4, [pid 6230] chdir("./226" [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./229/file0") = 0 [pid 5078] getdents64(3, [pid 6230] <... chdir resumed>) = 0 [pid 6228] <... write resumed>) = 2097152 [pid 6228] munmap(0x7f3feae00000, 138412032 [pid 6230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6228] <... munmap resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6230] setpgid(0, 0) = 0 [pid 6230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] close(3 [pid 6230] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./229" [pid 6230] write(3, "1000", 4 [pid 5078] <... rmdir resumed>) = 0 [pid 6230] <... write resumed>) = 4 [pid 5078] mkdir("./230", 0777 [pid 6230] close(3 [pid 6228] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6230] <... close resumed>) = 0 [pid 6230] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6228] <... openat resumed>) = 4 [pid 5078] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6228] ioctl(4, LOOP_SET_FD, 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6230] memfd_create("syzkaller", 0 [pid 6228] <... ioctl resumed>) = 0 [pid 6230] <... memfd_create resumed>) = 3 [pid 5077] <... ioctl resumed>) = 0 [pid 6230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6228] close(3) = 0 [pid 6228] close(4) = 0 [pid 6228] mkdir("./file0", 0777) = 0 [ 242.045277][ T6228] loop3: detected capacity change from 0 to 4096 [pid 6229] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6228] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5078] <... ioctl resumed>) = 0 [pid 5077] close(3 [pid 5078] close(3 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6231 attached [pid 5078] <... close resumed>) = 0 [pid 6231] set_robust_list(0x555556d3f660, 24 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6231 [pid 6231] <... set_robust_list resumed>) = 0 [pid 6231] chdir("./228" [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6232 [pid 6231] <... chdir resumed>) = 0 [pid 6231] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6232 attached [pid 6232] set_robust_list(0x555556d3f660, 24) = 0 [pid 6232] chdir("./230") = 0 [pid 6232] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6231] <... prctl resumed>) = 0 [pid 6232] <... prctl resumed>) = 0 [pid 6232] setpgid(0, 0) = 0 [pid 6232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6231] setpgid(0, 0 [pid 6232] <... openat resumed>) = 3 [pid 6231] <... setpgid resumed>) = 0 [pid 6232] write(3, "1000", 4 [pid 6231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6232] <... write resumed>) = 4 [pid 6232] close(3) = 0 [pid 6232] symlink("/dev/binderfs", "./binderfs" [pid 6231] <... openat resumed>) = 3 [pid 6232] <... symlink resumed>) = 0 [pid 6232] memfd_create("syzkaller", 0 [pid 6231] write(3, "1000", 4) = 4 [ 242.111014][ T6228] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6232] <... memfd_create resumed>) = 3 [pid 6231] close(3 [pid 6230] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6231] <... close resumed>) = 0 [pid 6232] <... mmap resumed>) = 0x7f3feae00000 [pid 6231] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6229] <... write resumed>) = 2097152 [pid 6229] munmap(0x7f3feae00000, 138412032 [pid 6231] memfd_create("syzkaller", 0 [pid 6229] <... munmap resumed>) = 0 [pid 6228] <... mount resumed>) = 0 [pid 6231] <... memfd_create resumed>) = 3 [pid 6228] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6228] <... openat resumed>) = 3 [pid 6228] chdir("./file0" [pid 6229] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6228] <... chdir resumed>) = 0 [pid 6229] <... openat resumed>) = 4 [pid 6229] ioctl(4, LOOP_SET_FD, 3 [pid 6232] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6228] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6229] <... ioctl resumed>) = 0 [pid 6228] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6231] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6229] close(3 [pid 6228] exit_group(0 [pid 6229] <... close resumed>) = 0 [pid 6229] close(4) = 0 [pid 6229] mkdir("./file0", 0777) = 0 [pid 6228] <... exit_group resumed>) = ? [pid 6229] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6228] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6228, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 6230] <... write resumed>) = 2097152 [pid 5079] umount2("./227", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6230] munmap(0x7f3feae00000, 138412032) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./227/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./227/binderfs", [pid 6231] <... write resumed>) = 2097152 [pid 6230] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6231] munmap(0x7f3feae00000, 138412032 [pid 6230] <... openat resumed>) = 4 [pid 5079] unlink("./227/binderfs" [pid 6230] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... unlink resumed>) = 0 [ 242.242552][ T6229] loop0: detected capacity change from 0 to 4096 [ 242.271478][ T6229] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] umount2("./227/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6230] <... ioctl resumed>) = 0 [pid 6230] close(3) = 0 [pid 6230] close(4) = 0 [pid 6230] mkdir("./file0", 0777 [pid 6232] <... write resumed>) = 2097152 [pid 6231] <... munmap resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./227/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./227/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./227/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./227/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6232] munmap(0x7f3feae00000, 138412032 [pid 6231] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6230] <... mkdir resumed>) = 0 [pid 5079] getdents64(4, [pid 6232] <... munmap resumed>) = 0 [pid 6231] <... openat resumed>) = 4 [ 242.312343][ T6230] loop4: detected capacity change from 0 to 4096 [pid 6230] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6232] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6231] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, [pid 6232] <... openat resumed>) = 4 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6232] ioctl(4, LOOP_SET_FD, 3 [pid 6229] <... mount resumed>) = 0 [pid 5079] close(4 [pid 6229] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... close resumed>) = 0 [pid 6231] <... ioctl resumed>) = 0 [pid 6232] <... ioctl resumed>) = 0 [pid 6231] close(3 [pid 6229] <... openat resumed>) = 3 [pid 5079] rmdir("./227/file0" [pid 6231] <... close resumed>) = 0 [pid 6231] close(4) = 0 [pid 6229] chdir("./file0" [pid 5079] <... rmdir resumed>) = 0 [pid 6229] <... chdir resumed>) = 0 [pid 6231] mkdir("./file0", 0777 [pid 6229] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6232] close(3) = 0 [pid 6229] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] getdents64(3, [pid 6232] close(4 [pid 6231] <... mkdir resumed>) = 0 [pid 6229] exit_group(0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6232] <... close resumed>) = 0 [pid 6229] <... exit_group resumed>) = ? [pid 6232] mkdir("./file0", 0777 [pid 6231] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6232] <... mkdir resumed>) = 0 [ 242.353602][ T6230] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 242.364513][ T6231] loop1: detected capacity change from 0 to 4096 [ 242.377662][ T6232] loop2: detected capacity change from 0 to 4096 [pid 6232] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6229] +++ exited with 0 +++ [pid 5079] close(3) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6229, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5079] rmdir("./227") = 0 [pid 5079] mkdir("./228", 0777 [pid 5076] umount2("./225", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] getdents64(3, [pid 5079] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] umount2("./225/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./225/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./225/binderfs") = 0 [pid 5076] umount2("./225/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5076] umount2("./225/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./225/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./225/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./225/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6230] <... mount resumed>) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 6230] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./225/file0" [pid 6230] <... openat resumed>) = 3 [pid 5076] <... rmdir resumed>) = 0 [ 242.402304][ T6231] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 242.415437][ T6232] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6230] chdir("./file0") = 0 [pid 5076] getdents64(3, [pid 6230] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6230] exit_group(0) = ? [pid 5076] close(3) = 0 [pid 5076] rmdir("./225") = 0 [pid 5076] mkdir("./226", 0777 [pid 6230] +++ exited with 0 +++ [pid 5076] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6230, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5076] <... openat resumed>) = 3 [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5080] <... restart_syscall resumed>) = 0 [pid 5080] umount2("./226", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6232] <... mount resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6232] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6232] chdir("./file0" [pid 5080] <... openat resumed>) = 3 [pid 6232] <... chdir resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 6232] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6232] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] getdents64(3, [pid 6232] exit_group(0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6232] <... exit_group resumed>) = ? [pid 5080] umount2("./226/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./226/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./226/binderfs") = 0 [pid 5080] umount2("./226/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6232] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6232, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=10 /* 0.10 s */} --- [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./226/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6231] <... mount resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] newfstatat(AT_FDCWD, "./226/file0", [pid 5078] <... openat resumed>) = 3 [pid 6231] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5080] umount2("./226/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6231] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./226/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(3, "", [pid 5080] newfstatat(4, "", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6231] chdir("./file0" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] close(3 [pid 5078] getdents64(3, [pid 5080] getdents64(4, [pid 5079] <... close resumed>) = 0 [pid 6231] <... chdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6231] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] getdents64(4, [pid 6231] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6233 [pid 5080] <... close resumed>) = 0 [pid 6231] exit_group(0 [pid 5080] rmdir("./226/file0" [pid 6231] <... exit_group resumed>) = ? [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6231] +++ exited with 0 +++ [pid 5080] getdents64(3, [pid 5078] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6233 attached [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6233] set_robust_list(0x555556d3f660, 24 [pid 5080] close(3 [pid 5078] newfstatat(AT_FDCWD, "./230/binderfs", [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6231, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6233] <... set_robust_list resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 6233] chdir("./228" [pid 5080] rmdir("./226" [pid 5078] unlink("./230/binderfs" [pid 5077] <... restart_syscall resumed>) = 0 [pid 6233] <... chdir resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 6233] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] mkdir("./227", 0777 [pid 6233] <... prctl resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 6233] setpgid(0, 0) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./228", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6233] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5077] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6233] write(3, "1000", 4) = 4 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 6233] close(3) = 0 [pid 5077] newfstatat(3, "", [pid 6233] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6233] memfd_create("syzkaller", 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./228/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./228/binderfs" [pid 6233] <... memfd_create resumed>) = 3 [pid 5078] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... unlink resumed>) = 0 [pid 6233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6233] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] newfstatat(AT_FDCWD, "./230/file0", [pid 5077] <... umount2 resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./230/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] newfstatat(AT_FDCWD, "./228/file0", [pid 5076] close(3 [pid 5078] <... openat resumed>) = 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] newfstatat(4, "", [pid 5077] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] openat(AT_FDCWD, "./228/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] getdents64(4, ./strace-static-x86_64: Process 6234 attached 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] <... openat resumed>) = 4 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6234 [pid 5078] getdents64(4, [pid 5077] newfstatat(4, "", [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] close(4 [pid 5077] getdents64(4, [pid 5078] <... close resumed>) = 0 [pid 6234] set_robust_list(0x555556d3f660, 24 [pid 5078] rmdir("./230/file0" [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6234] <... set_robust_list resumed>) = 0 [pid 6234] chdir("./226") = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] getdents64(4, [pid 6234] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6234] setpgid(0, 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(3, [pid 5077] close(4 [pid 6234] <... setpgid resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] rmdir("./228/file0" [pid 5078] close(3 [pid 6234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5078] rmdir("./230" [pid 5077] getdents64(3, [pid 6234] <... openat resumed>) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] mkdir("./231", 0777 [pid 5077] close(3 [pid 6234] write(3, "1000", 4 [pid 6233] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] rmdir("./228" [pid 6234] <... write resumed>) = 4 [pid 5078] <... openat resumed>) = 3 [pid 5077] <... rmdir resumed>) = 0 [pid 6234] close(3) = 0 [pid 6234] symlink("/dev/binderfs", "./binderfs" [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6234] <... symlink resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] mkdir("./229", 0777 [pid 6234] memfd_create("syzkaller", 0 [pid 5080] close(3 [pid 5077] <... mkdir resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6234] <... memfd_create resumed>) = 3 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6235 [pid 6234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6235 attached ) = 0x7f3feae00000 [pid 6235] set_robust_list(0x555556d3f660, 24) = 0 [pid 6233] <... write resumed>) = 2097152 [pid 6233] munmap(0x7f3feae00000, 138412032 [pid 6235] chdir("./227") = 0 [pid 6235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6235] setpgid(0, 0) = 0 [pid 6235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6235] write(3, "1000", 4) = 4 [pid 6235] close(3) = 0 [pid 6233] <... munmap resumed>) = 0 [pid 6233] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6235] symlink("/dev/binderfs", "./binderfs" [pid 6233] <... openat resumed>) = 4 [pid 6235] <... symlink resumed>) = 0 [pid 6233] ioctl(4, LOOP_SET_FD, 3 [pid 6234] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6235] memfd_create("syzkaller", 0) = 3 [pid 6235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6233] <... ioctl resumed>) = 0 [pid 6233] close(3) = 0 [pid 6233] close(4) = 0 [ 242.713268][ T6233] loop3: detected capacity change from 0 to 4096 [pid 6233] mkdir("./file0", 0777) = 0 [pid 6234] <... write resumed>) = 2097152 [pid 6233] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] close(3) = 0 ./strace-static-x86_64: Process 6237 attached [pid 6234] munmap(0x7f3feae00000, 138412032 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6237] set_robust_list(0x555556d3f660, 24 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6238 ./strace-static-x86_64: Process 6238 attached [pid 6237] <... set_robust_list resumed>) = 0 [pid 6234] <... munmap resumed>) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6237 [pid 6238] set_robust_list(0x555556d3f660, 24 [pid 6237] chdir("./229" [pid 6238] <... set_robust_list resumed>) = 0 [pid 6238] chdir("./231" [pid 6237] <... chdir resumed>) = 0 [pid 6238] <... chdir resumed>) = 0 [pid 6235] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 242.790743][ T6233] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6238] setpgid(0, 0 [pid 6237] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6234] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6234] ioctl(4, LOOP_SET_FD, 3 [pid 6237] <... prctl resumed>) = 0 [pid 6238] <... setpgid resumed>) = 0 [pid 6237] setpgid(0, 0 [pid 6238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6238] write(3, "1000", 4) = 4 [pid 6238] close(3) = 0 [pid 6238] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6237] <... setpgid resumed>) = 0 [pid 6237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6238] memfd_create("syzkaller", 0 [pid 6237] write(3, "1000", 4 [pid 6234] <... ioctl resumed>) = 0 [pid 6237] <... write resumed>) = 4 [pid 6233] <... mount resumed>) = 0 [pid 6237] close(3 [pid 6234] close(3 [pid 6237] <... close resumed>) = 0 [pid 6234] <... close resumed>) = 0 [pid 6238] <... memfd_create resumed>) = 3 [pid 6237] symlink("/dev/binderfs", "./binderfs" [pid 6234] close(4 [pid 6233] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6234] <... close resumed>) = 0 [pid 6233] <... openat resumed>) = 3 [pid 6238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6233] chdir("./file0" [pid 6238] <... mmap resumed>) = 0x7f3feae00000 [pid 6234] mkdir("./file0", 0777 [pid 6233] <... chdir resumed>) = 0 [pid 6237] <... symlink resumed>) = 0 [pid 6234] <... mkdir resumed>) = 0 [pid 6233] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6234] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6233] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 242.838687][ T6234] loop0: detected capacity change from 0 to 4096 [pid 6233] exit_group(0 [pid 6237] memfd_create("syzkaller", 0 [pid 6233] <... exit_group resumed>) = ? [pid 6233] +++ exited with 0 +++ [pid 6237] <... memfd_create resumed>) = 3 [pid 6237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6233, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 6237] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] <... restart_syscall resumed>) = 0 [pid 5079] umount2("./228", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6238] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./228/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./228/binderfs", [pid 6235] <... write resumed>) = 2097152 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6235] munmap(0x7f3feae00000, 138412032 [ 242.905499][ T6234] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] unlink("./228/binderfs") = 0 [pid 5079] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6235] <... munmap resumed>) = 0 [pid 6235] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6235] ioctl(4, LOOP_SET_FD, 3 [pid 6234] <... mount resumed>) = 0 [pid 6234] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6234] chdir("./file0") = 0 [pid 6238] <... write resumed>) = 2097152 [pid 6235] <... ioctl resumed>) = 0 [pid 6238] munmap(0x7f3feae00000, 138412032 [pid 6237] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6235] close(3 [pid 6234] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... umount2 resumed>) = 0 [pid 6235] <... close resumed>) = 0 [pid 6234] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6235] close(4 [pid 6234] exit_group(0 [pid 6238] <... munmap resumed>) = 0 [pid 6235] <... close resumed>) = 0 [pid 6234] <... exit_group resumed>) = ? [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./228/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./228/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", [pid 6235] mkdir("./file0", 0777 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6235] <... mkdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6235] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [ 242.985501][ T6235] loop4: detected capacity change from 0 to 4096 [pid 5079] close(4 [pid 6238] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6234] +++ exited with 0 +++ [pid 5079] <... close resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6234, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5079] rmdir("./228/file0" [pid 5076] <... restart_syscall resumed>) = 0 [pid 5076] umount2("./226", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./226/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./226/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./226/binderfs") = 0 [pid 6238] <... openat resumed>) = 4 [pid 5076] umount2("./226/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6238] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... rmdir resumed>) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./228" [pid 6238] <... ioctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] umount2("./226/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] mkdir("./229", 0777 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6238] close(3) = 0 [pid 6238] close(4 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./226/file0", [pid 6238] <... close resumed>) = 0 [pid 6238] mkdir("./file0", 0777 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6238] <... mkdir resumed>) = 0 [pid 5076] umount2("./226/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6238] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] openat(AT_FDCWD, "./226/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 243.026595][ T6235] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 243.041864][ T6238] loop2: detected capacity change from 0 to 4096 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./226/file0") = 0 [pid 6237] <... write resumed>) = 2097152 [pid 6237] munmap(0x7f3feae00000, 138412032 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./226") = 0 [pid 5076] mkdir("./227", 0777) = 0 [pid 6237] <... munmap resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6237] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6235] <... mount resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6237] ioctl(4, LOOP_SET_FD, 3 [pid 6235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6237] <... ioctl resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6235] <... openat resumed>) = 3 [pid 6235] chdir("./file0") = 0 [pid 6235] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6235] exit_group(0) = ? [pid 6235] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6235, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5080] umount2("./227", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6237] close(3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./227/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6237] <... close resumed>) = 0 [pid 6237] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6237] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6237] mkdir("./file0", 0777 [pid 5080] unlink("./227/binderfs") = 0 [pid 6237] <... mkdir resumed>) = 0 [ 243.074467][ T6238] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 243.109947][ T6237] loop1: detected capacity change from 0 to 4096 [pid 5080] umount2("./227/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6237] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6238] <... mount resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./227/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./227/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6238] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] umount2("./227/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./227/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", [pid 6238] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5079] close(3 [pid 6238] chdir("./file0") = 0 [pid 5079] <... close resumed>) = 0 [pid 6238] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6238] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] getdents64(4, ./strace-static-x86_64: Process 6239 attached [pid 6238] exit_group(0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6239 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6238] <... exit_group resumed>) = ? [pid 6239] set_robust_list(0x555556d3f660, 24 [pid 5080] close(4 [pid 6239] <... set_robust_list resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./227/file0" [pid 6239] chdir("./229" [pid 5080] <... rmdir resumed>) = 0 [pid 6239] <... chdir resumed>) = 0 [pid 5080] getdents64(3, [pid 6239] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6239] <... prctl resumed>) = 0 [pid 5080] close(3 [pid 6239] setpgid(0, 0 [pid 6238] +++ exited with 0 +++ [pid 5080] <... close resumed>) = 0 [pid 6239] <... setpgid resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6238, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5080] rmdir("./227" [pid 6239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... rmdir resumed>) = 0 [pid 5078] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6239] <... openat resumed>) = 3 [pid 5080] mkdir("./228", 0777 [pid 5078] <... openat resumed>) = 3 [ 243.166593][ T6237] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6239] write(3, "1000", 4 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] newfstatat(3, "", [pid 6239] <... write resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6239] close(3 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6239] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6239] symlink("/dev/binderfs", "./binderfs" [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] newfstatat(AT_FDCWD, "./231/binderfs", [pid 6239] <... symlink resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./231/binderfs") = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6239] memfd_create("syzkaller", 0 [pid 5078] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6240 attached [pid 6239] <... memfd_create resumed>) = 3 [pid 5078] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6240 [pid 6240] set_robust_list(0x555556d3f660, 24) = 0 [pid 6239] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./231/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./231/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./231/file0" [pid 6240] chdir("./227") = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./231" [pid 6240] setpgid(0, 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6240] <... setpgid resumed>) = 0 [pid 6240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] mkdir("./232", 0777 [pid 6240] <... openat resumed>) = 3 [pid 5078] <... mkdir resumed>) = 0 [pid 6240] write(3, "1000", 4) = 4 [pid 6240] close(3 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6240] <... close resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6239] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6240] symlink("/dev/binderfs", "./binderfs" [pid 6237] <... mount resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 6240] <... symlink resumed>) = 0 [pid 6237] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] close(3 [pid 6240] memfd_create("syzkaller", 0 [pid 6237] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 6240] <... memfd_create resumed>) = 3 [pid 6240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6237] chdir("./file0" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6241 attached [pid 6240] <... mmap resumed>) = 0x7f3feae00000 [pid 6237] <... chdir resumed>) = 0 [pid 6237] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6241 [pid 6237] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6237] exit_group(0 [pid 6239] <... write resumed>) = 2097152 [pid 6237] <... exit_group resumed>) = ? [pid 6237] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6237, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5077] umount2("./229", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./229/binderfs") = 0 [pid 5077] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6241] set_robust_list(0x555556d3f660, 24 [pid 6239] munmap(0x7f3feae00000, 138412032 [pid 6241] <... set_robust_list resumed>) = 0 [pid 6239] <... munmap resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6241] chdir("./228") = 0 [pid 6241] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6239] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6241] setpgid(0, 0 [pid 6239] <... openat resumed>) = 4 [pid 6241] <... setpgid resumed>) = 0 [pid 6241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6239] ioctl(4, LOOP_SET_FD, 3 [pid 6241] write(3, "1000", 4) = 4 [pid 6241] close(3 [pid 5077] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6241] <... close resumed>) = 0 [pid 6241] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./229/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6241] <... symlink resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./229/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./229/file0" [pid 6241] memfd_create("syzkaller", 0 [pid 6239] <... ioctl resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6241] <... memfd_create resumed>) = 3 [pid 6240] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6239] close(3 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] getdents64(3, [pid 6241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6239] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6239] close(4 [pid 5077] close(3 [pid 6239] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./229" [pid 6241] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] close(3 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./230", 0777 [pid 6239] mkdir("./file0", 0777 [pid 5077] <... mkdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6239] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6242 attached [pid 6239] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6242 [ 243.412716][ T6239] loop3: detected capacity change from 0 to 4096 [pid 6242] set_robust_list(0x555556d3f660, 24 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6242] <... set_robust_list resumed>) = 0 [pid 6242] chdir("./232") = 0 [pid 6242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6242] setpgid(0, 0) = 0 [pid 6242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6242] write(3, "1000", 4) = 4 [pid 6242] close(3) = 0 [pid 6242] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6242] memfd_create("syzkaller", 0 [pid 6241] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6240] <... write resumed>) = 2097152 [pid 6242] <... memfd_create resumed>) = 3 [pid 6240] munmap(0x7f3feae00000, 138412032 [pid 6242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6240] <... munmap resumed>) = 0 [ 243.479883][ T6239] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6240] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6241] <... write resumed>) = 2097152 [pid 6240] <... openat resumed>) = 4 [pid 6240] ioctl(4, LOOP_SET_FD, 3 [pid 6241] munmap(0x7f3feae00000, 138412032) = 0 [pid 6240] <... ioctl resumed>) = 0 [pid 6241] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6240] close(3 [pid 5077] <... ioctl resumed>) = 0 [pid 6240] <... close resumed>) = 0 [pid 6241] <... openat resumed>) = 4 [pid 6240] close(4 [pid 6241] ioctl(4, LOOP_SET_FD, 3 [pid 6240] <... close resumed>) = 0 [pid 6240] mkdir("./file0", 0777 [pid 5077] close(3 [pid 6240] <... mkdir resumed>) = 0 [pid 6240] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5077] <... close resumed>) = 0 [ 243.537784][ T6240] loop0: detected capacity change from 0 to 4096 [ 243.575203][ T6241] loop4: detected capacity change from 0 to 4096 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6243 ./strace-static-x86_64: Process 6243 attached [pid 6243] set_robust_list(0x555556d3f660, 24) = 0 [pid 6243] chdir("./230" [pid 6241] <... ioctl resumed>) = 0 [pid 6243] <... chdir resumed>) = 0 [pid 6241] close(3 [pid 6243] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6241] <... close resumed>) = 0 [pid 6243] <... prctl resumed>) = 0 [pid 6243] setpgid(0, 0 [pid 6241] close(4 [pid 6243] <... setpgid resumed>) = 0 [pid 6241] <... close resumed>) = 0 [pid 6243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6243] write(3, "1000", 4) = 4 [pid 6243] close(3) = 0 [pid 6243] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6243] memfd_create("syzkaller", 0 [pid 6242] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6241] mkdir("./file0", 0777 [pid 6243] <... memfd_create resumed>) = 3 [pid 6243] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6241] <... mkdir resumed>) = 0 [pid 6239] <... mount resumed>) = 0 [pid 6243] <... mmap resumed>) = 0x7f3feae00000 [pid 6241] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 243.592364][ T6240] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6239] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6239] chdir("./file0") = 0 [pid 6239] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6239] exit_group(0) = ? [pid 6239] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6239, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [ 243.650392][ T6241] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5079] umount2("./229", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6242] <... write resumed>) = 2097152 [pid 6241] <... mount resumed>) = 0 [pid 6240] <... mount resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6242] munmap(0x7f3feae00000, 138412032 [pid 6241] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6240] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6241] <... openat resumed>) = 3 [pid 6240] <... openat resumed>) = 3 [pid 5079] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6240] chdir("./file0" [pid 6241] chdir("./file0" [pid 6240] <... chdir resumed>) = 0 [pid 6241] <... chdir resumed>) = 0 [pid 6240] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] newfstatat(AT_FDCWD, "./229/binderfs", [pid 6241] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6240] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6241] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6240] exit_group(0 [pid 5079] unlink("./229/binderfs" [pid 6240] <... exit_group resumed>) = ? [pid 5079] <... unlink resumed>) = 0 [pid 6242] <... munmap resumed>) = 0 [pid 6241] exit_group(0 [pid 5079] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6240] +++ exited with 0 +++ [pid 6241] <... exit_group resumed>) = ? [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6240, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 6242] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6241] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6241, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5076] <... restart_syscall resumed>) = 0 [pid 5076] umount2("./227", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6242] <... openat resumed>) = 4 [pid 5076] openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6243] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... umount2 resumed>) = 0 [pid 6242] ioctl(4, LOOP_SET_FD, 3 [pid 5079] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(3, "", [pid 5079] newfstatat(AT_FDCWD, "./229/file0", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(3, [pid 5079] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./227/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./229/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./227/binderfs", [pid 5079] <... openat resumed>) = 4 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] newfstatat(4, "", [pid 5076] unlink("./227/binderfs" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5079] getdents64(4, [pid 5076] umount2("./227/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... umount2 resumed>) = 0 [pid 5079] getdents64(4, [pid 5076] umount2("./227/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] close(4 [pid 5076] newfstatat(AT_FDCWD, "./227/file0", [pid 6243] <... write resumed>) = 2097152 [pid 6242] <... ioctl resumed>) = 0 [pid 5080] umount2("./228", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6243] munmap(0x7f3feae00000, 138412032 [pid 6242] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] rmdir("./229/file0" [pid 5076] umount2("./227/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6242] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6242] close(4 [pid 5080] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5076] openat(AT_FDCWD, "./227/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6242] <... close resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... openat resumed>) = 4 [pid 6243] <... munmap resumed>) = 0 [pid 6242] mkdir("./file0", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] close(3 [pid 5076] newfstatat(4, "", [pid 6243] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6242] <... mkdir resumed>) = 0 [pid 6243] <... openat resumed>) = 4 [pid 5079] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] rmdir("./229" [pid 5076] getdents64(4, [pid 6243] ioctl(4, LOOP_SET_FD, 3 [pid 6242] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] getdents64(3, [pid 5079] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... close resumed>) = 0 [pid 5080] umount2("./228/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [ 243.782856][ T6242] loop2: detected capacity change from 0 to 4096 [ 243.818028][ T6243] loop1: detected capacity change from 0 to 4096 [pid 5079] mkdir("./230", 0777 [pid 5076] rmdir("./227/file0" [pid 6243] <... ioctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./228/binderfs", [pid 5076] getdents64(3, [pid 6243] close(3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6243] <... close resumed>) = 0 [pid 5076] close(3 [pid 6243] close(4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... close resumed>) = 0 [pid 6243] <... close resumed>) = 0 [pid 5076] rmdir("./227") = 0 [pid 6243] mkdir("./file0", 0777 [pid 5080] unlink("./228/binderfs" [pid 5076] mkdir("./228", 0777 [pid 6243] <... mkdir resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... mkdir resumed>) = 0 [pid 5080] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6243] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5076] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./228/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 243.828147][ T6242] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5080] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./228/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./228/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./228") = 0 [pid 5080] mkdir("./229", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6243] <... mount resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 6243] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6243] chdir("./file0" [ 243.863906][ T6243] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6243] <... chdir resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 6243] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6243] exit_group(0) = ? [pid 6243] +++ exited with 0 +++ [pid 6242] <... mount resumed>) = 0 [pid 6242] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6243, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6242] <... openat resumed>) = 3 [pid 5077] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6242] chdir("./file0") = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6242] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] close(3 [pid 5077] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6242] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6242] exit_group(0 [pid 5077] <... openat resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6245 [pid 6242] <... exit_group resumed>) = ? [pid 5076] <... ioctl resumed>) = 0 [pid 6242] +++ exited with 0 +++ [pid 5077] newfstatat(3, "", ./strace-static-x86_64: Process 6245 attached [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6242, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3) = 0 [pid 5077] getdents64(3, [pid 6245] set_robust_list(0x555556d3f660, 24 [pid 5078] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6245] <... set_robust_list resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6245] chdir("./230" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6245] <... chdir resumed>) = 0 [pid 6245] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... openat resumed>) = 3 [pid 5077] newfstatat(AT_FDCWD, "./230/binderfs", [pid 5078] newfstatat(3, "", [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6245] <... prctl resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6246 [pid 5077] unlink("./230/binderfs" [pid 6245] setpgid(0, 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 6245] <... setpgid resumed>) = 0 [pid 5077] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, [pid 6245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6245] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6245] write(3, "1000", 4 [pid 5078] newfstatat(AT_FDCWD, "./232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./232/binderfs") = 0 ./strace-static-x86_64: Process 6246 attached [pid 6245] <... write resumed>) = 4 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = 0 [pid 6246] set_robust_list(0x555556d3f660, 24 [pid 6245] close(3 [pid 5077] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6246] <... set_robust_list resumed>) = 0 [pid 6245] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6246] chdir("./228" [pid 5077] newfstatat(AT_FDCWD, "./230/file0", [pid 6245] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6246] <... chdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./232/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./230/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./232/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... openat resumed>) = 4 [pid 6246] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] newfstatat(4, "", [pid 6246] <... prctl resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6246] setpgid(0, 0 [pid 5078] newfstatat(4, "", [pid 5077] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5080] close(3 [pid 5078] <... close resumed>) = 0 [pid 5077] close(4 [pid 6245] memfd_create("syzkaller", 0 [pid 5080] <... close resumed>) = 0 [pid 5078] rmdir("./232/file0" [pid 5077] <... close resumed>) = 0 [pid 6246] <... setpgid resumed>) = 0 [pid 6245] <... memfd_create resumed>) = 3 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... rmdir resumed>) = 0 [pid 5077] rmdir("./230/file0" [pid 6246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6247 attached [pid 5078] close(3 [pid 6247] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6247 [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./232" [pid 6247] <... set_robust_list resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6247] chdir("./229") = 0 [pid 5078] mkdir("./233", 0777 [pid 6247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6247] setpgid(0, 0 [pid 5078] <... mkdir resumed>) = 0 [pid 6247] <... setpgid resumed>) = 0 [pid 6245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6246] <... openat resumed>) = 3 [pid 6245] <... mmap resumed>) = 0x7f3feae00000 [pid 6247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6247] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6247] write(3, "1000", 4) = 4 [pid 6247] close(3) = 0 [pid 6247] symlink("/dev/binderfs", "./binderfs" [pid 6246] write(3, "1000", 4 [pid 5077] getdents64(3, [pid 6246] <... write resumed>) = 4 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6246] close(3 [pid 5077] close(3 [pid 6246] <... close resumed>) = 0 [pid 6246] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... close resumed>) = 0 [pid 6247] <... symlink resumed>) = 0 [pid 6246] <... symlink resumed>) = 0 [pid 5077] rmdir("./230") = 0 [pid 5077] mkdir("./231", 0777 [pid 6247] memfd_create("syzkaller", 0 [pid 6246] memfd_create("syzkaller", 0) = 3 [pid 5077] <... mkdir resumed>) = 0 [pid 6247] <... memfd_create resumed>) = 3 [pid 6246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6246] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6245] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6248 attached [pid 6248] set_robust_list(0x555556d3f660, 24 [pid 6246] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6248] <... set_robust_list resumed>) = 0 [pid 6248] chdir("./233") = 0 [pid 6248] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6248 [pid 6248] <... prctl resumed>) = 0 [pid 6248] setpgid(0, 0) = 0 [pid 6248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6248] write(3, "1000", 4) = 4 [pid 6248] close(3) = 0 [pid 6248] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6248] memfd_create("syzkaller", 0 [pid 6247] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... ioctl resumed>) = 0 [pid 6248] <... memfd_create resumed>) = 3 [pid 6248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6245] <... write resumed>) = 2097152 [pid 6248] <... mmap resumed>) = 0x7f3feae00000 [pid 6245] munmap(0x7f3feae00000, 138412032) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6245] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 ./strace-static-x86_64: Process 6249 attached [pid 6245] ioctl(4, LOOP_SET_FD, 3 [pid 6249] set_robust_list(0x555556d3f660, 24 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6249 [pid 6249] <... set_robust_list resumed>) = 0 [pid 6249] chdir("./231") = 0 [pid 6249] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6249] setpgid(0, 0) = 0 [pid 6245] <... ioctl resumed>) = 0 [pid 6249] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6249] write(3, "1000", 4 [pid 6246] <... write resumed>) = 2097152 [pid 6245] close(3 [pid 6249] <... write resumed>) = 4 [pid 6247] <... write resumed>) = 2097152 [pid 6249] close(3) = 0 [pid 6249] symlink("/dev/binderfs", "./binderfs" [pid 6247] munmap(0x7f3feae00000, 138412032 [pid 6246] munmap(0x7f3feae00000, 138412032 [pid 6245] <... close resumed>) = 0 [pid 6249] <... symlink resumed>) = 0 [ 244.214096][ T6245] loop3: detected capacity change from 0 to 4096 [pid 6248] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6245] close(4 [pid 6249] memfd_create("syzkaller", 0 [pid 6245] <... close resumed>) = 0 [pid 6245] mkdir("./file0", 0777) = 0 [pid 6245] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6246] <... munmap resumed>) = 0 [pid 6249] <... memfd_create resumed>) = 3 [pid 6247] <... munmap resumed>) = 0 [pid 6246] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6247] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6249] <... mmap resumed>) = 0x7f3feae00000 [pid 6247] ioctl(4, LOOP_SET_FD, 3 [pid 6246] <... openat resumed>) = 4 [pid 6246] ioctl(4, LOOP_SET_FD, 3 [pid 6247] <... ioctl resumed>) = 0 [pid 6246] <... ioctl resumed>) = 0 [pid 6247] close(3) = 0 [pid 6247] close(4) = 0 [pid 6247] mkdir("./file0", 0777 [pid 6248] <... write resumed>) = 2097152 [pid 6247] <... mkdir resumed>) = 0 [pid 6246] close(3) = 0 [pid 6246] close(4) = 0 [pid 6246] mkdir("./file0", 0777 [pid 6247] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6246] <... mkdir resumed>) = 0 [ 244.285733][ T6245] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 244.301800][ T6247] loop4: detected capacity change from 0 to 4096 [ 244.311973][ T6246] loop0: detected capacity change from 0 to 4096 [pid 6248] munmap(0x7f3feae00000, 138412032) = 0 [pid 6246] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6245] <... mount resumed>) = 0 [pid 6245] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6248] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6245] <... openat resumed>) = 3 [pid 6245] chdir("./file0" [pid 6248] <... openat resumed>) = 4 [pid 6245] <... chdir resumed>) = 0 [pid 6248] ioctl(4, LOOP_SET_FD, 3 [pid 6245] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6245] exit_group(0) = ? [ 244.364395][ T6247] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 244.391523][ T6246] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6249] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6245] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6245, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6248] <... ioctl resumed>) = 0 [pid 6247] <... mount resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./230/binderfs", [pid 6247] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6247] <... openat resumed>) = 3 [pid 5079] unlink("./230/binderfs" [pid 6248] close(3) = 0 [pid 6247] chdir("./file0" [pid 5079] <... unlink resumed>) = 0 [ 244.429291][ T6248] loop2: detected capacity change from 0 to 4096 [pid 6247] <... chdir resumed>) = 0 [pid 6248] close(4 [pid 6247] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6248] <... close resumed>) = 0 [pid 6248] mkdir("./file0", 0777 [pid 6247] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6249] <... write resumed>) = 2097152 [pid 6248] <... mkdir resumed>) = 0 [pid 6248] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6247] exit_group(0 [pid 6249] munmap(0x7f3feae00000, 138412032 [pid 6247] <... exit_group resumed>) = ? [pid 6246] <... mount resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 6247] +++ exited with 0 +++ [pid 6246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6246] <... openat resumed>) = 3 [pid 5079] newfstatat(AT_FDCWD, "./230/file0", [pid 6246] chdir("./file0" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6246] <... chdir resumed>) = 0 [pid 6249] <... munmap resumed>) = 0 [pid 6246] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6249] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6246] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6249] <... openat resumed>) = 4 [pid 6246] exit_group(0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6247, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 6249] ioctl(4, LOOP_SET_FD, 3 [pid 6246] <... exit_group resumed>) = ? [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./229", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./229/binderfs") = 0 [pid 6246] +++ exited with 0 +++ [pid 5080] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./230/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6246, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5079] newfstatat(4, "", [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [pid 5079] getdents64(4, [pid 6248] <... mount resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6249] <... ioctl resumed>) = 0 [pid 5080] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6249] close(3 [pid 5079] getdents64(4, [pid 5076] umount2("./228", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6249] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6249] close(4 [pid 6248] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] newfstatat(AT_FDCWD, "./229/file0", [pid 5079] close(4 [pid 5076] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6249] <... close resumed>) = 0 [pid 6248] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6249] mkdir("./file0", 0777 [pid 6248] chdir("./file0" [pid 5080] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] rmdir("./230/file0" [pid 5076] newfstatat(3, "", [pid 6249] <... mkdir resumed>) = 0 [pid 6248] <... chdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... rmdir resumed>) = 0 [pid 6248] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] openat(AT_FDCWD, "./229/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6248] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... openat resumed>) = 4 [pid 5079] getdents64(3, [pid 6248] exit_group(0 [pid 5080] newfstatat(4, "", [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] getdents64(3, [pid 6248] <... exit_group resumed>) = ? [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] close(3 [ 244.512247][ T6248] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 244.537683][ T6249] loop1: detected capacity change from 0 to 4096 [pid 6249] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6248] +++ exited with 0 +++ [pid 5080] getdents64(4, [pid 5079] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] rmdir("./230" [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6248, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [pid 5080] getdents64(4, [pid 5079] <... rmdir resumed>) = 0 [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] mkdir("./231", 0777 [pid 5078] <... restart_syscall resumed>) = 0 [pid 5080] close(4 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] umount2("./228/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./229/file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./228/binderfs" [pid 5078] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] newfstatat(3, "", [pid 5080] getdents64(3, [pid 5079] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] getdents64(3, [pid 5080] close(3 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./229" [pid 5078] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./233/binderfs", [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 244.589724][ T6249] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] mkdir("./230", 0777 [pid 5078] unlink("./233/binderfs" [pid 5076] newfstatat(AT_FDCWD, "./228/file0", [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./228/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./228/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", [pid 5078] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5078] newfstatat(AT_FDCWD, "./233/file0", [pid 5076] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] rmdir("./228/file0") = 0 [pid 5078] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(3 [pid 6249] <... mount resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./233/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 6249] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... ioctl resumed>) = 0 [pid 5076] rmdir("./228" [pid 5078] <... openat resumed>) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6249] <... openat resumed>) = 3 [pid 5078] getdents64(4, [pid 5076] mkdir("./229", 0777 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./233/file0" [pid 6249] chdir("./file0" [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 6249] <... chdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6249] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... openat resumed>) = 3 [pid 6249] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] close(3) = 0 [pid 5078] rmdir("./233" [pid 6249] exit_group(0 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./234", 0777 [pid 6249] <... exit_group resumed>) = ? [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6252 attached [pid 6249] +++ exited with 0 +++ [pid 5078] <... mkdir resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6249, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6252 [pid 6252] set_robust_list(0x555556d3f660, 24 [pid 5078] <... openat resumed>) = 3 [pid 5077] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] <... openat resumed>) = 3 [pid 5076] <... ioctl resumed>) = 0 [pid 6252] <... set_robust_list resumed>) = 0 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6252] chdir("./231" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./231/binderfs" [pid 6252] <... chdir resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 6252] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6252] <... prctl resumed>) = 0 [pid 6252] setpgid(0, 0) = 0 [pid 6252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] <... ioctl resumed>) = 0 [pid 6252] write(3, "1000", 4) = 4 [pid 6252] close(3) = 0 [pid 6252] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6252] memfd_create("syzkaller", 0) = 3 [pid 5080] close(3 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] close(3 [pid 5077] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6252] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] newfstatat(AT_FDCWD, "./231/file0", [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./231/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6254 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6253 ./strace-static-x86_64: Process 6253 attached [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 ./strace-static-x86_64: Process 6254 attached [pid 5077] rmdir("./231/file0" [pid 6254] set_robust_list(0x555556d3f660, 24 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6254] <... set_robust_list resumed>) = 0 [pid 6253] set_robust_list(0x555556d3f660, 24 [pid 5077] close(3 [pid 6254] chdir("./230" [pid 6253] <... set_robust_list resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./231" [pid 6253] chdir("./229" [pid 5078] close(3 [pid 5077] <... rmdir resumed>) = 0 [pid 6253] <... chdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6253] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6254] <... chdir resumed>) = 0 [pid 6253] <... prctl resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6253] setpgid(0, 0 [pid 6254] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] mkdir("./232", 0777./strace-static-x86_64: Process 6255 attached [pid 6253] <... setpgid resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 6253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6255 [pid 6254] <... prctl resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6255] set_robust_list(0x555556d3f660, 24) = 0 [pid 6254] setpgid(0, 0 [pid 5077] <... openat resumed>) = 3 [pid 6253] <... openat resumed>) = 3 [pid 6254] <... setpgid resumed>) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6253] write(3, "1000", 4) = 4 [pid 6253] close(3 [pid 6255] chdir("./234" [pid 6254] <... openat resumed>) = 3 [pid 6253] <... close resumed>) = 0 [pid 6254] write(3, "1000", 4) = 4 [pid 6254] close(3 [pid 6255] <... chdir resumed>) = 0 [pid 6254] <... close resumed>) = 0 [pid 6253] symlink("/dev/binderfs", "./binderfs" [pid 6255] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6254] symlink("/dev/binderfs", "./binderfs" [pid 6255] <... prctl resumed>) = 0 [pid 6254] <... symlink resumed>) = 0 [pid 6253] <... symlink resumed>) = 0 [pid 6255] setpgid(0, 0) = 0 [pid 6255] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6254] memfd_create("syzkaller", 0 [pid 6253] memfd_create("syzkaller", 0 [pid 6254] <... memfd_create resumed>) = 3 [pid 6254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6255] <... openat resumed>) = 3 [pid 6254] <... mmap resumed>) = 0x7f3feae00000 [pid 6253] <... memfd_create resumed>) = 3 [pid 6252] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6255] write(3, "1000", 4 [pid 6253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6255] <... write resumed>) = 4 [pid 6255] close(3 [pid 6253] <... mmap resumed>) = 0x7f3feae00000 [pid 6255] <... close resumed>) = 0 [pid 6255] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6255] memfd_create("syzkaller", 0) = 3 [pid 6255] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6256 ./strace-static-x86_64: Process 6256 attached [pid 6256] set_robust_list(0x555556d3f660, 24) = 0 [pid 6256] chdir("./232" [pid 6254] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6252] <... write resumed>) = 2097152 [pid 6256] <... chdir resumed>) = 0 [pid 6256] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6252] munmap(0x7f3feae00000, 138412032 [pid 6256] <... prctl resumed>) = 0 [pid 6252] <... munmap resumed>) = 0 [pid 6256] setpgid(0, 0) = 0 [pid 6256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6256] write(3, "1000", 4) = 4 [pid 6256] close(3) = 0 [pid 6253] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6252] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6256] symlink("/dev/binderfs", "./binderfs" [pid 6252] <... openat resumed>) = 4 [pid 6256] <... symlink resumed>) = 0 [pid 6252] ioctl(4, LOOP_SET_FD, 3 [pid 6256] memfd_create("syzkaller", 0 [pid 6252] <... ioctl resumed>) = 0 [pid 6256] <... memfd_create resumed>) = 3 [pid 6256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6255] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6252] close(3) = 0 [pid 6252] close(4) = 0 [pid 6252] mkdir("./file0", 0777) = 0 [pid 6252] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6253] <... write resumed>) = 2097152 [pid 6254] <... write resumed>) = 2097152 [pid 6254] munmap(0x7f3feae00000, 138412032 [ 245.002332][ T6252] loop3: detected capacity change from 0 to 4096 [ 245.040241][ T6252] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6253] munmap(0x7f3feae00000, 138412032 [pid 6254] <... munmap resumed>) = 0 [pid 6253] <... munmap resumed>) = 0 [pid 6255] <... write resumed>) = 2097152 [pid 6255] munmap(0x7f3feae00000, 138412032 [pid 6253] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6254] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6253] ioctl(4, LOOP_SET_FD, 3 [pid 6254] <... openat resumed>) = 4 [pid 6252] <... mount resumed>) = 0 [pid 6254] ioctl(4, LOOP_SET_FD, 3 [pid 6255] <... munmap resumed>) = 0 [pid 6253] <... ioctl resumed>) = 0 [pid 6255] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6253] close(3) = 0 [pid 6253] close(4 [pid 6256] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6253] <... close resumed>) = 0 [pid 6252] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6252] chdir("./file0") = 0 [pid 6252] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6252] exit_group(0) = ? [pid 6252] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6252, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 6253] mkdir("./file0", 0777 [pid 6255] <... openat resumed>) = 4 [pid 6255] ioctl(4, LOOP_SET_FD, 3 [pid 5079] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6253] <... mkdir resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./231/binderfs") = 0 [pid 5079] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6254] <... ioctl resumed>) = 0 [pid 6254] close(3) = 0 [pid 6254] close(4) = 0 [pid 6254] mkdir("./file0", 0777) = 0 [ 245.114908][ T6253] loop0: detected capacity change from 0 to 4096 [ 245.117899][ T6254] loop4: detected capacity change from 0 to 4096 [ 245.152355][ T6255] loop2: detected capacity change from 0 to 4096 [pid 6253] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6254] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6255] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 6255] close(3) = 0 [pid 6255] close(4) = 0 [pid 6255] mkdir("./file0", 0777) = 0 [pid 6255] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./231/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./231/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 6256] <... write resumed>) = 2097152 [ 245.166199][ T6253] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 245.180822][ T6254] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 245.197341][ T6255] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5079] rmdir("./231/file0" [pid 6256] munmap(0x7f3feae00000, 138412032) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./231" [pid 6256] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6254] <... mount resumed>) = 0 [pid 6253] <... mount resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6256] <... openat resumed>) = 4 [pid 6254] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6256] ioctl(4, LOOP_SET_FD, 3 [pid 6254] <... openat resumed>) = 3 [pid 6253] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6254] chdir("./file0" [pid 5079] mkdir("./232", 0777 [pid 6255] <... mount resumed>) = 0 [pid 6253] <... openat resumed>) = 3 [pid 6255] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6253] chdir("./file0" [pid 5079] <... mkdir resumed>) = 0 [pid 6255] <... openat resumed>) = 3 [pid 6253] <... chdir resumed>) = 0 [pid 6256] <... ioctl resumed>) = 0 [pid 6254] <... chdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6256] close(3 [pid 6255] chdir("./file0" [pid 6254] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6253] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... openat resumed>) = 3 [pid 6256] <... close resumed>) = 0 [pid 6255] <... chdir resumed>) = 0 [pid 6254] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6256] close(4 [pid 6255] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6254] exit_group(0 [pid 6253] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6256] <... close resumed>) = 0 [pid 6255] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6254] <... exit_group resumed>) = ? [pid 6256] mkdir("./file0", 0777 [pid 6255] exit_group(0 [pid 6254] +++ exited with 0 +++ [pid 6253] exit_group(0 [pid 6256] <... mkdir resumed>) = 0 [pid 6253] <... exit_group resumed>) = ? [pid 6256] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6255] <... exit_group resumed>) = ? [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6254, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 6255] +++ exited with 0 +++ [pid 6253] +++ exited with 0 +++ [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6255, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6253, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5080] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 5078] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5076] umount2("./229", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] newfstatat(AT_FDCWD, "./230/binderfs", [pid 5076] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] newfstatat(3, "", [pid 5078] newfstatat(3, "", [pid 5080] unlink("./230/binderfs" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5076] getdents64(3, [pid 5080] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] getdents64(3, [pid 5076] umount2("./229/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./229/binderfs", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] unlink("./229/binderfs" [pid 5080] newfstatat(AT_FDCWD, "./230/file0", [pid 5078] newfstatat(AT_FDCWD, "./234/binderfs", [pid 5076] <... unlink resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] unlink("./234/binderfs" [pid 5076] <... umount2 resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./230/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] <... unlink resumed>) = 0 [pid 5076] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] newfstatat(4, "", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 245.269744][ T6256] loop1: detected capacity change from 0 to 4096 [ 245.304411][ T6256] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] newfstatat(AT_FDCWD, "./229/file0", [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] getdents64(4, [pid 5076] umount2("./229/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(4, [pid 5076] openat(AT_FDCWD, "./229/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] close(4 [pid 5076] getdents64(4, [pid 5080] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] rmdir("./230/file0" [pid 5076] getdents64(4, [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./229/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5080] getdents64(3, [pid 5076] close(3) = 0 [pid 5076] rmdir("./229" [pid 5078] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] mkdir("./230", 0777 [pid 5080] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./230" [pid 5079] <... ioctl resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./234/file0", [pid 5079] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] mkdir("./231", 0777 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./234/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... openat resumed>) = 4 [pid 5076] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 3 [pid 5078] newfstatat(4, "", [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6258 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./234/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./234") = 0 ./strace-static-x86_64: Process 6258 attached [pid 6258] set_robust_list(0x555556d3f660, 24 [pid 6256] <... mount resumed>) = 0 [pid 6258] <... set_robust_list resumed>) = 0 [pid 6256] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] mkdir("./235", 0777 [pid 6258] chdir("./232") = 0 [pid 6258] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6258] setpgid(0, 0 [pid 6256] <... openat resumed>) = 3 [pid 5078] <... mkdir resumed>) = 0 [pid 6258] <... setpgid resumed>) = 0 [pid 6256] chdir("./file0" [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6256] <... chdir resumed>) = 0 [pid 6256] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... openat resumed>) = 3 [pid 6256] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6258] <... openat resumed>) = 3 [pid 6256] exit_group(0 [pid 5080] <... ioctl resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6256] <... exit_group resumed>) = ? [pid 6258] write(3, "1000", 4) = 4 [pid 6258] close(3) = 0 [pid 6258] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6258] memfd_create("syzkaller", 0) = 3 [pid 6256] +++ exited with 0 +++ [pid 5080] close(3 [pid 5076] close(3 [pid 5080] <... close resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6256, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... close resumed>) = 0 [pid 6258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6259 attached [pid 6258] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6259] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6259 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6260 [pid 5077] newfstatat(3, "", ./strace-static-x86_64: Process 6260 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6260] set_robust_list(0x555556d3f660, 24) = 0 [pid 5077] getdents64(3, [pid 6260] chdir("./230" [pid 6259] <... set_robust_list resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6260] <... chdir resumed>) = 0 [pid 6259] chdir("./231" [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6260] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6260] <... prctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6260] setpgid(0, 0 [pid 5077] newfstatat(AT_FDCWD, "./232/binderfs", [pid 6260] <... setpgid resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6259] <... chdir resumed>) = 0 [pid 5078] close(3 [pid 5077] unlink("./232/binderfs" [pid 6259] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... close resumed>) = 0 [pid 6259] <... prctl resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6260] <... openat resumed>) = 3 [pid 6259] setpgid(0, 0 [pid 6260] write(3, "1000", 4) = 4 [pid 6260] close(3) = 0 [pid 6259] <... setpgid resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6261 [pid 6260] symlink("/dev/binderfs", "./binderfs" [pid 6259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6261 attached ) = 3 [pid 6261] set_robust_list(0x555556d3f660, 24) = 0 [pid 6261] chdir("./235" [pid 6259] write(3, "1000", 4 [pid 6261] <... chdir resumed>) = 0 [pid 6261] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6259] <... write resumed>) = 4 [pid 6260] <... symlink resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 6260] memfd_create("syzkaller", 0 [pid 5077] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6261] <... prctl resumed>) = 0 [pid 6259] close(3 [pid 5077] <... umount2 resumed>) = 0 [pid 6259] <... close resumed>) = 0 [pid 6261] setpgid(0, 0 [pid 6259] symlink("/dev/binderfs", "./binderfs" [pid 5077] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6261] <... setpgid resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6261] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6260] <... memfd_create resumed>) = 3 [pid 6259] <... symlink resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./232/file0", [pid 6261] <... openat resumed>) = 3 [pid 6260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6259] memfd_create("syzkaller", 0 [pid 6258] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6261] write(3, "1000", 4) = 4 [pid 5077] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6261] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6261] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./232/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6261] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6260] <... mmap resumed>) = 0x7f3feae00000 [pid 6261] <... symlink resumed>) = 0 [pid 6259] <... memfd_create resumed>) = 3 [pid 5077] getdents64(4, [pid 6261] memfd_create("syzkaller", 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] getdents64(4, [pid 6259] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./232/file0" [pid 6261] <... memfd_create resumed>) = 3 [pid 5077] <... rmdir resumed>) = 0 [pid 6261] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] getdents64(3, [pid 6261] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./232") = 0 [pid 5077] mkdir("./233", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6258] <... write resumed>) = 2097152 [pid 6258] munmap(0x7f3feae00000, 138412032) = 0 [pid 6260] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6258] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6258] ioctl(4, LOOP_SET_FD, 3 [pid 6261] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6259] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6258] <... ioctl resumed>) = 0 [pid 6258] close(3) = 0 [pid 6258] close(4 [pid 5077] <... ioctl resumed>) = 0 [pid 6258] <... close resumed>) = 0 [pid 6258] mkdir("./file0", 0777 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6258] <... mkdir resumed>) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6262 [ 245.651701][ T6258] loop3: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 6262 attached [pid 6262] set_robust_list(0x555556d3f660, 24) = 0 [pid 6262] chdir("./233") = 0 [pid 6262] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6262] setpgid(0, 0) = 0 [pid 6262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6258] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6262] <... openat resumed>) = 3 [pid 6262] write(3, "1000", 4) = 4 [pid 6262] close(3) = 0 [pid 6262] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6262] memfd_create("syzkaller", 0) = 3 [pid 6262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6261] <... write resumed>) = 2097152 [pid 6260] <... write resumed>) = 2097152 [pid 6259] <... write resumed>) = 2097152 [pid 6260] munmap(0x7f3feae00000, 138412032) = 0 [ 245.731399][ T6258] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6260] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6261] munmap(0x7f3feae00000, 138412032 [pid 6260] <... openat resumed>) = 4 [pid 6259] munmap(0x7f3feae00000, 138412032 [pid 6260] ioctl(4, LOOP_SET_FD, 3 [pid 6259] <... munmap resumed>) = 0 [pid 6261] <... munmap resumed>) = 0 [pid 6260] <... ioctl resumed>) = 0 [pid 6261] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6260] close(3) = 0 [pid 6260] close(4) = 0 [pid 6261] <... openat resumed>) = 4 [pid 6260] mkdir("./file0", 0777 [pid 6259] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6261] ioctl(4, LOOP_SET_FD, 3 [pid 6260] <... mkdir resumed>) = 0 [pid 6259] <... openat resumed>) = 4 [pid 6259] ioctl(4, LOOP_SET_FD, 3 [ 245.792736][ T6260] loop0: detected capacity change from 0 to 4096 [ 245.823716][ T6261] loop2: detected capacity change from 0 to 4096 [ 245.824883][ T6259] loop4: detected capacity change from 0 to 4096 [pid 6260] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6262] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6261] <... ioctl resumed>) = 0 [pid 6258] <... mount resumed>) = 0 [pid 6259] <... ioctl resumed>) = 0 [pid 6261] close(3 [pid 6259] close(3 [pid 6258] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6261] <... close resumed>) = 0 [pid 6258] <... openat resumed>) = 3 [pid 6259] <... close resumed>) = 0 [pid 6261] close(4 [pid 6259] close(4 [pid 6258] chdir("./file0" [pid 6261] <... close resumed>) = 0 [pid 6259] <... close resumed>) = 0 [pid 6261] mkdir("./file0", 0777 [pid 6259] mkdir("./file0", 0777 [pid 6261] <... mkdir resumed>) = 0 [pid 6259] <... mkdir resumed>) = 0 [pid 6258] <... chdir resumed>) = 0 [pid 6258] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6258] exit_group(0) = ? [pid 6259] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 245.849150][ T6260] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6261] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6258] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6258, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./232/binderfs") = 0 [pid 5079] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6260] <... mount resumed>) = 0 [pid 5079] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 245.900443][ T6259] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 245.919281][ T6261] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5079] newfstatat(AT_FDCWD, "./232/file0", [pid 6260] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6260] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "./232/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6260] chdir("./file0") = 0 [pid 5079] <... openat resumed>) = 4 [pid 6260] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] newfstatat(4, "", [pid 6260] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6260] exit_group(0) = ? [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./232/file0") = 0 [pid 6260] +++ exited with 0 +++ [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6260, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5079] close(3) = 0 [pid 6262] <... write resumed>) = 2097152 [pid 5079] rmdir("./232") = 0 [pid 6262] munmap(0x7f3feae00000, 138412032 [pid 6259] <... mount resumed>) = 0 [pid 5079] mkdir("./233", 0777 [pid 6259] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] umount2("./230", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6259] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6259] chdir("./file0" [pid 5076] <... openat resumed>) = 3 [pid 6259] <... chdir resumed>) = 0 [pid 5076] newfstatat(3, "", [pid 6259] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5079] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6259] exit_group(0) = ? [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./230/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6259] +++ exited with 0 +++ [pid 6261] <... mount resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6261] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6259, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 6262] <... munmap resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./230/binderfs", [pid 6261] <... openat resumed>) = 3 [pid 5080] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6261] chdir("./file0" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6261] <... chdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] unlink("./230/binderfs" [pid 6262] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6261] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... openat resumed>) = 3 [pid 5076] <... unlink resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 6261] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6262] <... openat resumed>) = 4 [pid 6262] ioctl(4, LOOP_SET_FD, 3 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./231/binderfs", [pid 5076] <... umount2 resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./231/binderfs") = 0 [pid 5080] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6261] exit_group(0 [pid 6262] <... ioctl resumed>) = 0 [pid 6261] <... exit_group resumed>) = ? [pid 5076] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6262] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6262] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./230/file0", [pid 6262] close(4) = 0 [pid 5080] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6262] mkdir("./file0", 0777 [pid 5076] umount2("./230/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6261] +++ exited with 0 +++ [pid 5080] newfstatat(AT_FDCWD, "./231/file0", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./230/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 246.059109][ T6262] loop1: detected capacity change from 0 to 4096 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6261, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5076] getdents64(4, [pid 6262] <... mkdir resumed>) = 0 [pid 5080] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6262] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(4, [pid 5080] openat(AT_FDCWD, "./231/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(4 [pid 5080] newfstatat(4, "", [pid 5078] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5080] getdents64(4, [pid 5078] newfstatat(3, "", [pid 5076] rmdir("./230/file0" [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5080] getdents64(4, [pid 5078] getdents64(3, [pid 5076] getdents64(3, [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5078] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] close(3 [pid 5080] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] rmdir("./231/file0" [pid 5078] newfstatat(AT_FDCWD, "./235/binderfs", [pid 5076] <... close resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] rmdir("./230" [pid 5080] getdents64(3, [pid 5078] unlink("./235/binderfs" [pid 5076] <... rmdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5080] close(3 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] mkdir("./231", 0777 [pid 5080] <... close resumed>) = 0 [pid 5078] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... mkdir resumed>) = 0 [pid 5080] rmdir("./231") = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5080] mkdir("./232", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5078] <... umount2 resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD) = 0 [pid 5079] close(3 [pid 5080] close(3) = 0 [ 246.103262][ T6262] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6262] <... mount resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6263 attached [pid 6262] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6263 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6264 [pid 5078] newfstatat(AT_FDCWD, "./235/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./235/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 ./strace-static-x86_64: Process 6264 attached [pid 6262] <... openat resumed>) = 3 [pid 5078] newfstatat(4, "", [pid 6264] set_robust_list(0x555556d3f660, 24 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6264] <... set_robust_list resumed>) = 0 [pid 5078] getdents64(4, [pid 6263] set_robust_list(0x555556d3f660, 24 [pid 6262] chdir("./file0" [pid 6264] chdir("./233" [pid 6263] <... set_robust_list resumed>) = 0 [pid 6262] <... chdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6264] <... chdir resumed>) = 0 [pid 5078] getdents64(4, [pid 6264] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6264] <... prctl resumed>) = 0 [pid 5078] close(4 [pid 6264] setpgid(0, 0 [pid 5078] <... close resumed>) = 0 [pid 6264] <... setpgid resumed>) = 0 [pid 6263] chdir("./232" [pid 6262] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] rmdir("./235/file0" [pid 6264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6263] <... chdir resumed>) = 0 [pid 6262] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... rmdir resumed>) = 0 [pid 6264] <... openat resumed>) = 3 [pid 6263] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6262] exit_group(0 [pid 5078] getdents64(3, [pid 6264] write(3, "1000", 4 [pid 6263] <... prctl resumed>) = 0 [pid 6262] <... exit_group resumed>) = ? [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6264] <... write resumed>) = 4 [pid 5078] close(3 [pid 6264] close(3 [pid 6263] setpgid(0, 0 [pid 6262] +++ exited with 0 +++ [pid 5078] <... close resumed>) = 0 [pid 6263] <... setpgid resumed>) = 0 [pid 6264] <... close resumed>) = 0 [pid 5078] rmdir("./235" [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6262, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 6264] symlink("/dev/binderfs", "./binderfs" [pid 6263] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... rmdir resumed>) = 0 [pid 6264] <... symlink resumed>) = 0 [pid 6264] memfd_create("syzkaller", 0 [pid 6263] <... openat resumed>) = 3 [pid 5077] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6263] write(3, "1000", 4 [pid 5078] mkdir("./236", 0777 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6263] <... write resumed>) = 4 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6263] close(3 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... openat resumed>) = 3 [pid 6263] <... close resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", [pid 6264] <... memfd_create resumed>) = 3 [pid 6264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6264] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6263] symlink("/dev/binderfs", "./binderfs" [pid 5077] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6263] <... symlink resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./233/binderfs", [pid 6263] memfd_create("syzkaller", 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6263] <... memfd_create resumed>) = 3 [pid 5076] <... ioctl resumed>) = 0 [pid 6263] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] close(3 [pid 5077] unlink("./233/binderfs" [pid 5076] <... close resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6265 attached [pid 6263] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6265 [pid 6265] set_robust_list(0x555556d3f660, 24 [pid 5077] newfstatat(AT_FDCWD, "./233/file0", [pid 6265] <... set_robust_list resumed>) = 0 [pid 6265] chdir("./231" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6265] <... chdir resumed>) = 0 [pid 6265] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./233/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6265] <... prctl resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", [pid 6265] setpgid(0, 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6265] <... setpgid resumed>) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 6265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 6265] <... openat resumed>) = 3 [pid 5077] <... close resumed>) = 0 [pid 6265] write(3, "1000", 4 [pid 5077] rmdir("./233/file0" [pid 6265] <... write resumed>) = 4 [pid 6265] close(3 [pid 5077] <... rmdir resumed>) = 0 [pid 6265] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 6265] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./233" [pid 6265] <... symlink resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./234", 0777 [pid 6265] memfd_create("syzkaller", 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 6265] <... memfd_create resumed>) = 3 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6264] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... openat resumed>) = 3 [pid 6265] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6267 attached , child_tidptr=0x555556d3f650) = 6267 [pid 6267] set_robust_list(0x555556d3f660, 24) = 0 [pid 6267] chdir("./236") = 0 [pid 6267] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6267] setpgid(0, 0) = 0 [pid 6267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6263] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6267] <... openat resumed>) = 3 [pid 6267] write(3, "1000", 4) = 4 [pid 6267] close(3 [pid 6265] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... ioctl resumed>) = 0 [pid 6267] <... close resumed>) = 0 [pid 6267] symlink("/dev/binderfs", "./binderfs" [pid 5077] close(3 [pid 6267] <... symlink resumed>) = 0 [pid 6264] <... write resumed>) = 2097152 [pid 6267] memfd_create("syzkaller", 0 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6264] munmap(0x7f3feae00000, 138412032) = 0 ./strace-static-x86_64: Process 6268 attached [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6268 [pid 6268] set_robust_list(0x555556d3f660, 24 [pid 6267] <... memfd_create resumed>) = 3 [pid 6267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6268] <... set_robust_list resumed>) = 0 [pid 6267] <... mmap resumed>) = 0x7f3feae00000 [pid 6268] chdir("./234") = 0 [pid 6268] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6264] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6268] <... prctl resumed>) = 0 [pid 6264] ioctl(4, LOOP_SET_FD, 3 [pid 6268] setpgid(0, 0) = 0 [pid 6268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6268] write(3, "1000", 4 [pid 6264] <... ioctl resumed>) = 0 [pid 6263] <... write resumed>) = 2097152 [pid 6268] <... write resumed>) = 4 [pid 6268] close(3) = 0 [pid 6264] close(3 [pid 6268] symlink("/dev/binderfs", "./binderfs" [pid 6265] <... write resumed>) = 2097152 [pid 6264] <... close resumed>) = 0 [pid 6268] <... symlink resumed>) = 0 [pid 6268] memfd_create("syzkaller", 0 [pid 6264] close(4) = 0 [pid 6263] munmap(0x7f3feae00000, 138412032 [pid 6264] mkdir("./file0", 0777) = 0 [pid 6265] munmap(0x7f3feae00000, 138412032 [pid 6264] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6268] <... memfd_create resumed>) = 3 [ 246.472776][ T6264] loop3: detected capacity change from 0 to 4096 [pid 6265] <... munmap resumed>) = 0 [pid 6268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6267] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6263] <... munmap resumed>) = 0 [pid 6263] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6263] ioctl(4, LOOP_SET_FD, 3 [pid 6268] <... mmap resumed>) = 0x7f3feae00000 [pid 6265] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6265] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6265] close(3 [pid 6263] <... ioctl resumed>) = 0 [pid 6265] <... close resumed>) = 0 [ 246.528916][ T6264] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 246.545247][ T6263] loop4: detected capacity change from 0 to 4096 [ 246.561739][ T6265] loop0: detected capacity change from 0 to 4096 [pid 6263] close(3 [pid 6265] close(4 [pid 6263] <... close resumed>) = 0 [pid 6265] <... close resumed>) = 0 [pid 6263] close(4 [pid 6265] mkdir("./file0", 0777 [pid 6263] <... close resumed>) = 0 [pid 6265] <... mkdir resumed>) = 0 [pid 6263] mkdir("./file0", 0777 [pid 6265] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6263] <... mkdir resumed>) = 0 [pid 6263] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6267] <... write resumed>) = 2097152 [pid 6268] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6267] munmap(0x7f3feae00000, 138412032 [pid 6264] <... mount resumed>) = 0 [pid 6264] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6267] <... munmap resumed>) = 0 [pid 6264] <... openat resumed>) = 3 [pid 6264] chdir("./file0") = 0 [pid 6264] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6264] exit_group(0) = ? [pid 6267] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 246.599778][ T6265] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 246.609995][ T6263] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6267] ioctl(4, LOOP_SET_FD, 3 [pid 6264] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6264, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 6267] <... ioctl resumed>) = 0 [pid 5079] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6267] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6267] <... close resumed>) = 0 [pid 6267] close(4 [pid 6268] <... write resumed>) = 2097152 [pid 6267] <... close resumed>) = 0 [pid 6267] mkdir("./file0", 0777 [pid 5079] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 6267] <... mkdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6267] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6268] munmap(0x7f3feae00000, 138412032 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6268] <... munmap resumed>) = 0 [pid 6268] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 246.661014][ T6267] loop2: detected capacity change from 0 to 4096 [ 246.696449][ T6267] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6268] ioctl(4, LOOP_SET_FD, 3 [pid 5079] newfstatat(AT_FDCWD, "./233/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./233/binderfs") = 0 [pid 5079] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6268] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 6268] close(3) = 0 [pid 6268] close(4) = 0 [pid 6268] mkdir("./file0", 0777 [pid 5079] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6268] <... mkdir resumed>) = 0 [pid 6265] <... mount resumed>) = 0 [pid 6263] <... mount resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6268] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5079] newfstatat(AT_FDCWD, "./233/file0", [pid 6265] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 246.704517][ T6268] loop1: detected capacity change from 0 to 4096 [pid 6263] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6265] <... openat resumed>) = 3 [pid 6263] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6267] <... mount resumed>) = 0 [pid 5079] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6265] chdir("./file0" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6263] chdir("./file0" [pid 5079] openat(AT_FDCWD, "./233/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6265] <... chdir resumed>) = 0 [pid 6263] <... chdir resumed>) = 0 [pid 5079] <... openat resumed>) = 4 [pid 6267] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] newfstatat(4, "", [pid 6265] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6263] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6265] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6267] <... openat resumed>) = 3 [pid 6267] chdir("./file0" [pid 6265] exit_group(0 [pid 6263] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6265] <... exit_group resumed>) = ? [pid 6263] exit_group(0 [pid 6267] <... chdir resumed>) = 0 [pid 6263] <... exit_group resumed>) = ? [pid 5079] getdents64(4, [pid 6267] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6263] +++ exited with 0 +++ [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6267] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6265] +++ exited with 0 +++ [pid 5079] close(4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6263, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=9 /* 0.09 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6265, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./233/file0") = 0 [pid 5076] umount2("./231", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6267] exit_group(0 [pid 5079] getdents64(3, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] close(3 [pid 5076] newfstatat(3, "", [pid 5079] <... close resumed>) = 0 [pid 5080] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] rmdir("./233" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 246.770132][ T6268] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6267] <... exit_group resumed>) = ? [pid 5080] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 6267] +++ exited with 0 +++ [pid 5080] <... openat resumed>) = 3 [pid 5079] mkdir("./234", 0777 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] newfstatat(3, "", [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6267, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./231/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... mkdir resumed>) = 0 [pid 5080] getdents64(3, [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... openat resumed>) = 3 [pid 5078] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] unlink("./231/binderfs" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... unlink resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5076] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] newfstatat(AT_FDCWD, "./232/binderfs", [pid 5078] newfstatat(3, "", [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./232/binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5078] getdents64(3, [pid 5076] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... unlink resumed>) = 0 [pid 6268] <... mount resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6268] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./231/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./231/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(AT_FDCWD, "./236/binderfs", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] openat(AT_FDCWD, "./231/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6268] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = 0 [pid 5078] unlink("./236/binderfs" [pid 5076] <... openat resumed>) = 4 [pid 6268] chdir("./file0" [pid 5080] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6268] <... chdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... unlink resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 6268] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6268] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] getdents64(4, [pid 6268] exit_group(0 [pid 5078] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] newfstatat(AT_FDCWD, "./232/file0", [pid 6268] <... exit_group resumed>) = ? [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(4, [pid 5080] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6268] +++ exited with 0 +++ [pid 5080] openat(AT_FDCWD, "./232/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6268, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5076] rmdir("./231/file0" [pid 5078] <... umount2 resumed>) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5076] <... rmdir resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3 [pid 5080] getdents64(4, [pid 5077] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./231" [pid 5080] getdents64(4, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... rmdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5078] newfstatat(AT_FDCWD, "./236/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] newfstatat(3, "", [pid 5078] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, [pid 5076] mkdir("./232", 0777 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] openat(AT_FDCWD, "./236/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] close(4 [pid 5078] <... openat resumed>) = 4 [pid 5080] <... close resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 5077] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... mkdir resumed>) = 0 [pid 5080] rmdir("./232/file0" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./234/binderfs", [pid 5080] <... rmdir resumed>) = 0 [pid 5078] getdents64(4, [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] unlink("./234/binderfs" [pid 5076] <... openat resumed>) = 3 [pid 5080] close(3 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] close(4) = 0 [pid 5078] rmdir("./236/file0" [pid 5079] <... ioctl resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5077] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] rmdir("./232") = 0 [pid 5079] close(3 [pid 5080] mkdir("./233", 0777 [pid 5079] <... close resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... umount2 resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./236" [pid 5077] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... rmdir resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./234/file0", [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] mkdir("./237", 0777 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6269 [pid 5080] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6269 attached [pid 5078] <... mkdir resumed>) = 0 [pid 5077] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6269] set_robust_list(0x555556d3f660, 24) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5077] openat(AT_FDCWD, "./234/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6269] chdir("./234") = 0 [pid 5077] <... openat resumed>) = 4 [pid 6269] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6269] setpgid(0, 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] newfstatat(4, "", [pid 6269] <... setpgid resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./234/file0") = 0 [pid 6269] <... openat resumed>) = 3 [pid 6269] write(3, "1000", 4 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./234") = 0 [pid 5077] mkdir("./235", 0777) = 0 [pid 6269] <... write resumed>) = 4 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6269] close(3) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6269] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6269] memfd_create("syzkaller", 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6269] <... memfd_create resumed>) = 3 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] close(3 [pid 6269] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] close(3 [pid 5076] close(3 [pid 5078] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6270 attached [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6270 ./strace-static-x86_64: Process 6271 attached [pid 6270] set_robust_list(0x555556d3f660, 24 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6271 [pid 6270] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 6272 attached [pid 6271] set_robust_list(0x555556d3f660, 24 [pid 6270] chdir("./237" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6272 [pid 6271] <... set_robust_list resumed>) = 0 [pid 6272] set_robust_list(0x555556d3f660, 24 [pid 6270] <... chdir resumed>) = 0 [pid 6272] <... set_robust_list resumed>) = 0 [pid 6270] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6271] chdir("./232" [pid 6272] chdir("./233" [pid 6270] <... prctl resumed>) = 0 [pid 6271] <... chdir resumed>) = 0 [pid 6272] <... chdir resumed>) = 0 [pid 6270] setpgid(0, 0 [pid 6271] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6270] <... setpgid resumed>) = 0 [pid 6271] <... prctl resumed>) = 0 [pid 6270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6271] setpgid(0, 0 [pid 6272] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6270] <... openat resumed>) = 3 [pid 6271] <... setpgid resumed>) = 0 [pid 6272] <... prctl resumed>) = 0 [pid 6270] write(3, "1000", 4 [pid 6271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6272] setpgid(0, 0 [pid 6270] <... write resumed>) = 4 [pid 6271] <... openat resumed>) = 3 [pid 6272] <... setpgid resumed>) = 0 [pid 6270] close(3 [pid 6271] write(3, "1000", 4 [pid 6270] <... close resumed>) = 0 [pid 6271] <... write resumed>) = 4 [pid 6272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6270] symlink("/dev/binderfs", "./binderfs" [pid 6271] close(3 [pid 6272] <... openat resumed>) = 3 [pid 6270] <... symlink resumed>) = 0 [pid 6271] <... close resumed>) = 0 [pid 6272] write(3, "1000", 4 [pid 6270] memfd_create("syzkaller", 0 [pid 6271] symlink("/dev/binderfs", "./binderfs" [pid 6272] <... write resumed>) = 4 [pid 6271] <... symlink resumed>) = 0 [pid 6272] close(3 [pid 5077] <... ioctl resumed>) = 0 [pid 6271] memfd_create("syzkaller", 0 [pid 6270] <... memfd_create resumed>) = 3 [pid 6270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6272] <... close resumed>) = 0 [pid 6269] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6271] <... memfd_create resumed>) = 3 [pid 6271] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6272] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6272] memfd_create("syzkaller", 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6272] <... memfd_create resumed>) = 3 [pid 6272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6273 attached [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6273 [pid 6273] set_robust_list(0x555556d3f660, 24 [pid 6272] <... mmap resumed>) = 0x7f3feae00000 [pid 6273] <... set_robust_list resumed>) = 0 [pid 6273] chdir("./235") = 0 [pid 6273] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6273] setpgid(0, 0) = 0 [pid 6273] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6270] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6273] <... openat resumed>) = 3 [pid 6273] write(3, "1000", 4) = 4 [pid 6271] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6273] close(3 [pid 6269] <... write resumed>) = 2097152 [pid 6269] munmap(0x7f3feae00000, 138412032 [pid 6273] <... close resumed>) = 0 [pid 6273] symlink("/dev/binderfs", "./binderfs" [pid 6269] <... munmap resumed>) = 0 [pid 6273] <... symlink resumed>) = 0 [pid 6273] memfd_create("syzkaller", 0) = 3 [pid 6273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6269] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6273] <... mmap resumed>) = 0x7f3feae00000 [pid 6272] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6269] <... openat resumed>) = 4 [pid 6269] ioctl(4, LOOP_SET_FD, 3 [pid 6270] <... write resumed>) = 2097152 [pid 6270] munmap(0x7f3feae00000, 138412032 [pid 6271] <... write resumed>) = 2097152 [pid 6271] munmap(0x7f3feae00000, 138412032 [pid 6270] <... munmap resumed>) = 0 [pid 6269] <... ioctl resumed>) = 0 [pid 6269] close(3 [pid 6271] <... munmap resumed>) = 0 [pid 6269] <... close resumed>) = 0 [pid 6269] close(4 [pid 6271] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6269] <... close resumed>) = 0 [pid 6269] mkdir("./file0", 0777 [pid 6270] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6271] <... openat resumed>) = 4 [pid 6271] ioctl(4, LOOP_SET_FD, 3 [pid 6270] <... openat resumed>) = 4 [pid 6270] ioctl(4, LOOP_SET_FD, 3 [pid 6269] <... mkdir resumed>) = 0 [pid 6270] <... ioctl resumed>) = 0 [pid 6270] close(3) = 0 [pid 6270] close(4) = 0 [pid 6270] mkdir("./file0", 0777) = 0 [pid 6271] <... ioctl resumed>) = 0 [pid 6272] <... write resumed>) = 2097152 [pid 6269] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [ 247.268829][ T6269] loop3: detected capacity change from 0 to 4096 [ 247.305005][ T6270] loop2: detected capacity change from 0 to 4096 [ 247.305038][ T6271] loop0: detected capacity change from 0 to 4096 [pid 6271] close(3 [pid 6270] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6271] <... close resumed>) = 0 [pid 6273] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6271] close(4 [pid 6272] munmap(0x7f3feae00000, 138412032 [pid 6271] <... close resumed>) = 0 [pid 6271] mkdir("./file0", 0777 [pid 6272] <... munmap resumed>) = 0 [pid 6271] <... mkdir resumed>) = 0 [ 247.341186][ T6269] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 247.358583][ T6270] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6271] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6272] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6272] ioctl(4, LOOP_SET_FD, 3 [pid 6269] <... mount resumed>) = 0 [ 247.383880][ T6271] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6269] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6269] chdir("./file0") = 0 [pid 6269] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6272] <... ioctl resumed>) = 0 [pid 6269] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6272] close(3 [pid 6269] exit_group(0) = ? [pid 6269] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6269, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5079] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", [pid 6272] <... close resumed>) = 0 [pid 6272] close(4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6273] <... write resumed>) = 2097152 [pid 6271] <... mount resumed>) = 0 [pid 6272] <... close resumed>) = 0 [pid 5079] getdents64(3, [pid 6272] mkdir("./file0", 0777 [pid 6271] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6272] <... mkdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6271] <... openat resumed>) = 3 [pid 5079] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6271] chdir("./file0" [pid 6272] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./234/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 247.417815][ T6272] loop4: detected capacity change from 0 to 4096 [pid 5079] unlink("./234/binderfs") = 0 [pid 6273] munmap(0x7f3feae00000, 138412032) = 0 [pid 6273] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6271] <... chdir resumed>) = 0 [pid 6271] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6271] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6271] exit_group(0 [pid 6273] ioctl(4, LOOP_SET_FD, 3 [pid 6271] <... exit_group resumed>) = ? [pid 5079] <... umount2 resumed>) = 0 [pid 6271] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6271, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./232", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] newfstatat(AT_FDCWD, "./234/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5079] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(3, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5079] openat(AT_FDCWD, "./234/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... openat resumed>) = 4 [pid 5076] umount2("./232/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./232/binderfs" [pid 5079] newfstatat(4, "", [pid 5076] <... unlink resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6270] <... mount resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 6270] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6270] chdir("./file0" [pid 5076] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6273] <... ioctl resumed>) = 0 [pid 6270] <... chdir resumed>) = 0 [pid 6273] close(3 [pid 6270] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6273] <... close resumed>) = 0 [pid 6270] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] newfstatat(AT_FDCWD, "./232/file0", [pid 6273] close(4 [pid 5079] getdents64(4, [pid 6273] <... close resumed>) = 0 [pid 6270] exit_group(0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [ 247.484065][ T6272] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 247.498228][ T6273] loop1: detected capacity change from 0 to 4096 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6273] mkdir("./file0", 0777 [pid 6270] <... exit_group resumed>) = ? [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 6273] <... mkdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./234/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3 [pid 6273] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5079] <... close resumed>) = 0 [pid 5076] umount2("./232/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] rmdir("./234" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./232/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 6270] +++ exited with 0 +++ [pid 5076] newfstatat(4, "", [pid 5079] mkdir("./235", 0777 [pid 6272] <... mount resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6272] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6272] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6270, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5076] getdents64(4, [pid 6272] chdir("./file0" [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6272] <... chdir resumed>) = 0 [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6272] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... restart_syscall resumed>) = 0 [pid 5076] getdents64(4, [pid 6272] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6272] exit_group(0) = ? [pid 5076] close(4 [pid 5078] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./232/file0" [pid 5078] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... rmdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", [pid 5076] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(3, [pid 5076] close(3 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... close resumed>) = 0 [pid 5078] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] rmdir("./232" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6272] +++ exited with 0 +++ [pid 5076] <... rmdir resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6272, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5078] newfstatat(AT_FDCWD, "./237/binderfs", [pid 5076] mkdir("./233", 0777 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5078] unlink("./237/binderfs" [pid 5080] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... unlink resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5080] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = 0 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] newfstatat(AT_FDCWD, "./233/binderfs", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] newfstatat(AT_FDCWD, "./237/file0", [pid 5080] unlink("./233/binderfs") = 0 [ 247.562969][ T6273] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./237/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5080] <... umount2 resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5080] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... ioctl resumed>) = 0 [pid 5078] rmdir("./237/file0" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... rmdir resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./233/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] openat(AT_FDCWD, "./233/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] close(3 [pid 5080] <... openat resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5078] rmdir("./237" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] getdents64(4, [pid 5078] mkdir("./238", 0777 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] close(3 [pid 5078] <... mkdir resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] <... close resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5080] close(4 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./233/file0") = 0 ./strace-static-x86_64: Process 6274 attached [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6274 [pid 6274] set_robust_list(0x555556d3f660, 24) = 0 [pid 5080] getdents64(3, [pid 6274] chdir("./235") = 0 [pid 6274] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6274] <... prctl resumed>) = 0 [pid 5080] close(3 [pid 6274] setpgid(0, 0 [pid 5080] <... close resumed>) = 0 [pid 6274] <... setpgid resumed>) = 0 [pid 5080] rmdir("./233" [pid 6274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... rmdir resumed>) = 0 [pid 6274] <... openat resumed>) = 3 [pid 6274] write(3, "1000", 4) = 4 [pid 6273] <... mount resumed>) = 0 [pid 5080] mkdir("./234", 0777 [pid 5076] <... ioctl resumed>) = 0 [pid 6274] close(3 [pid 5080] <... mkdir resumed>) = 0 [pid 5076] close(3 [pid 6274] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6273] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6273] chdir("./file0" [pid 5080] <... openat resumed>) = 3 [pid 6273] <... chdir resumed>) = 0 [pid 6273] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6274] symlink("/dev/binderfs", "./binderfs" [pid 6273] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6275 attached [pid 6274] <... symlink resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6275 [pid 6273] exit_group(0 [pid 6275] set_robust_list(0x555556d3f660, 24) = 0 [pid 6275] chdir("./233" [pid 6274] memfd_create("syzkaller", 0 [pid 6273] <... exit_group resumed>) = ? [pid 6273] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6273, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6275] <... chdir resumed>) = 0 [pid 6275] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6274] <... memfd_create resumed>) = 3 [pid 5077] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6275] <... prctl resumed>) = 0 [pid 6274] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6275] setpgid(0, 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", [pid 6275] <... setpgid resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] getdents64(3, [pid 6275] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6275] write(3, "1000", 4 [pid 5077] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6275] <... write resumed>) = 4 [pid 5078] <... ioctl resumed>) = 0 [pid 6275] close(3) = 0 [pid 5078] close(3 [pid 6275] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... close resumed>) = 0 [pid 6275] <... symlink resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./235/binderfs", [pid 6275] memfd_create("syzkaller", 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./235/binderfs" [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... unlink resumed>) = 0 [pid 5077] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6276 [pid 6275] <... memfd_create resumed>) = 3 [pid 6275] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 ./strace-static-x86_64: Process 6276 attached [pid 6276] set_robust_list(0x555556d3f660, 24) = 0 [pid 6276] chdir("./238") = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6276] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6276] setpgid(0, 0) = 0 [pid 6276] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6276] write(3, "1000", 4) = 4 [pid 6276] close(3) = 0 [pid 6276] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6276] memfd_create("syzkaller", 0 [pid 5077] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6276] <... memfd_create resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] newfstatat(AT_FDCWD, "./235/file0", [pid 6276] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./235/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [pid 6274] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] close(3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 ./strace-static-x86_64: Process 6277 attached [pid 6275] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] rmdir("./235/file0" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6277 [pid 5077] <... rmdir resumed>) = 0 [pid 6277] set_robust_list(0x555556d3f660, 24) = 0 [pid 5077] getdents64(3, [pid 6277] chdir("./234" [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 6277] <... chdir resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6277] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] rmdir("./235" [pid 6277] setpgid(0, 0) = 0 [pid 6277] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... rmdir resumed>) = 0 [pid 6277] <... openat resumed>) = 3 [pid 6277] write(3, "1000", 4) = 4 [pid 5077] mkdir("./236", 0777 [pid 6277] close(3) = 0 [pid 6277] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... mkdir resumed>) = 0 [pid 6277] <... symlink resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6277] memfd_create("syzkaller", 0 [pid 6274] <... write resumed>) = 2097152 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6276] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6274] munmap(0x7f3feae00000, 138412032 [pid 6277] <... memfd_create resumed>) = 3 [pid 6277] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6275] <... write resumed>) = 2097152 [pid 6275] munmap(0x7f3feae00000, 138412032) = 0 [pid 6274] <... munmap resumed>) = 0 [pid 6274] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6275] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6274] ioctl(4, LOOP_SET_FD, 3 [pid 6275] <... openat resumed>) = 4 [pid 6275] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6275] close(3 [pid 6276] <... write resumed>) = 2097152 [pid 6275] <... close resumed>) = 0 [pid 6275] close(4 [pid 6274] <... ioctl resumed>) = 0 [pid 6275] <... close resumed>) = 0 [pid 6275] mkdir("./file0", 0777 [pid 6274] close(3) = 0 [pid 6274] close(4 [pid 6275] <... mkdir resumed>) = 0 [pid 6274] <... close resumed>) = 0 [ 247.956410][ T6274] loop3: detected capacity change from 0 to 4096 [ 247.971626][ T6275] loop0: detected capacity change from 0 to 4096 [pid 6277] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6275] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6274] mkdir("./file0", 0777) = 0 [pid 6276] munmap(0x7f3feae00000, 138412032) = 0 [pid 6274] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5077] <... ioctl resumed>) = 0 [pid 6276] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5077] close(3 [pid 6276] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... close resumed>) = 0 [pid 6276] <... ioctl resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6278 ./strace-static-x86_64: Process 6278 attached [pid 6278] set_robust_list(0x555556d3f660, 24 [pid 6276] close(3 [pid 6278] <... set_robust_list resumed>) = 0 [pid 6278] chdir("./236") = 0 [pid 6278] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6276] <... close resumed>) = 0 [pid 6278] setpgid(0, 0 [pid 6276] close(4 [pid 6278] <... setpgid resumed>) = 0 [pid 6276] <... close resumed>) = 0 [pid 6275] <... mount resumed>) = 0 [pid 6278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6276] mkdir("./file0", 0777 [pid 6275] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6278] <... openat resumed>) = 3 [pid 6275] <... openat resumed>) = 3 [ 248.014675][ T6275] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 248.028895][ T6274] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 248.040411][ T6276] loop2: detected capacity change from 0 to 4096 [pid 6275] chdir("./file0" [pid 6278] write(3, "1000", 4 [pid 6277] <... write resumed>) = 2097152 [pid 6276] <... mkdir resumed>) = 0 [pid 6275] <... chdir resumed>) = 0 [pid 6278] <... write resumed>) = 4 [pid 6276] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6278] close(3 [pid 6277] munmap(0x7f3feae00000, 138412032 [pid 6275] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6278] <... close resumed>) = 0 [pid 6278] symlink("/dev/binderfs", "./binderfs" [pid 6275] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6274] <... mount resumed>) = 0 [pid 6278] <... symlink resumed>) = 0 [pid 6275] exit_group(0 [pid 6274] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6274] chdir("./file0") = 0 [pid 6274] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6274] exit_group(0) = ? [pid 6278] memfd_create("syzkaller", 0 [pid 6277] <... munmap resumed>) = 0 [pid 6275] <... exit_group resumed>) = ? [pid 6277] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6278] <... memfd_create resumed>) = 3 [pid 6277] ioctl(4, LOOP_SET_FD, 3 [pid 6275] +++ exited with 0 +++ [pid 6274] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6274, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6275, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5079] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 6278] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] newfstatat(3, "", [pid 5076] <... restart_syscall resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6277] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./233", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6277] close(3 [pid 5079] newfstatat(AT_FDCWD, "./235/binderfs", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6277] <... close resumed>) = 0 [pid 5079] unlink("./235/binderfs" [pid 5076] <... openat resumed>) = 3 [pid 6277] close(4 [pid 5076] newfstatat(3, "", [pid 6277] <... close resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 6277] mkdir("./file0", 0777 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6277] <... mkdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5076] umount2("./233/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./233/binderfs", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./235/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6277] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 248.112120][ T6276] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 248.140585][ T6277] loop4: detected capacity change from 0 to 4096 [pid 5076] unlink("./233/binderfs" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... unlink resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./235/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./235/file0") = 0 [pid 5079] getdents64(3, [pid 5076] <... umount2 resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./235") = 0 [pid 5076] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] mkdir("./236", 0777 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... mkdir resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./233/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./233/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5076] openat(AT_FDCWD, "./233/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6276] <... mount resumed>) = 0 [pid 6276] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5079] close(3 [pid 5076] newfstatat(4, "", [pid 6276] <... openat resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6276] chdir("./file0") = 0 [pid 5076] getdents64(4, [pid 6276] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6279 attached [pid 6276] exit_group(0 [pid 5076] getdents64(4, [pid 6276] <... exit_group resumed>) = ? [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6279 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [ 248.193454][ T6277] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6279] set_robust_list(0x555556d3f660, 24 [pid 6276] +++ exited with 0 +++ [pid 5076] <... close resumed>) = 0 [pid 6279] <... set_robust_list resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6276, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 6279] chdir("./236" [pid 5076] rmdir("./233/file0" [pid 6279] <... chdir resumed>) = 0 [pid 6279] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 6279] <... prctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(3, [pid 6279] setpgid(0, 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6279] <... setpgid resumed>) = 0 [pid 5076] close(3 [pid 6279] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] <... close resumed>) = 0 [pid 6279] <... openat resumed>) = 3 [pid 5076] rmdir("./233" [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... rmdir resumed>) = 0 [pid 6279] write(3, "1000", 4 [pid 5078] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6279] <... write resumed>) = 4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] mkdir("./234", 0777 [pid 6279] close(3 [pid 5078] newfstatat(AT_FDCWD, "./238/binderfs", [pid 6279] <... close resumed>) = 0 [pid 6279] symlink("/dev/binderfs", "./binderfs" [pid 6277] <... mount resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6279] <... symlink resumed>) = 0 [pid 5078] unlink("./238/binderfs") = 0 [pid 6277] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... mkdir resumed>) = 0 [pid 6277] <... openat resumed>) = 3 [pid 6279] memfd_create("syzkaller", 0 [pid 6278] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6277] chdir("./file0" [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6279] <... memfd_create resumed>) = 3 [pid 6277] <... chdir resumed>) = 0 [pid 6277] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... openat resumed>) = 3 [pid 6279] <... mmap resumed>) = 0x7f3feae00000 [pid 6277] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6277] exit_group(0) = ? [pid 5078] <... umount2 resumed>) = 0 [pid 6277] +++ exited with 0 +++ [pid 5078] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6277, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5080] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./238/file0", [pid 5080] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] getdents64(3, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./238/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... openat resumed>) = 4 [pid 5080] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(4, "", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./234/binderfs", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./234/binderfs") = 0 [pid 5080] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(4, [pid 5080] <... umount2 resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6278] <... write resumed>) = 2097152 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, [pid 5080] newfstatat(AT_FDCWD, "./234/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6278] munmap(0x7f3feae00000, 138412032 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5080] openat(AT_FDCWD, "./234/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] rmdir("./238/file0" [pid 5080] <... openat resumed>) = 4 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5078] getdents64(3, [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5078] close(3 [pid 5080] rmdir("./234/file0") = 0 [pid 5080] getdents64(3, [pid 5078] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3 [pid 5078] rmdir("./238" [pid 5080] <... close resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6278] <... munmap resumed>) = 0 [pid 5080] rmdir("./234" [pid 6278] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5080] <... rmdir resumed>) = 0 [pid 6278] ioctl(4, LOOP_SET_FD, 3 [pid 5078] mkdir("./239", 0777 [pid 5080] mkdir("./235", 0777) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6279] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] close(3 [pid 5078] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6280 ./strace-static-x86_64: Process 6280 attached [pid 6280] set_robust_list(0x555556d3f660, 24) = 0 [pid 6280] chdir("./234" [pid 6278] <... ioctl resumed>) = 0 [pid 6278] close(3 [pid 6280] <... chdir resumed>) = 0 [pid 6278] <... close resumed>) = 0 [pid 6280] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6278] close(4 [pid 6280] setpgid(0, 0 [pid 6278] <... close resumed>) = 0 [pid 6280] <... setpgid resumed>) = 0 [pid 6278] mkdir("./file0", 0777 [pid 6280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6278] <... mkdir resumed>) = 0 [ 248.393016][ T6278] loop1: detected capacity change from 0 to 4096 [pid 6278] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6280] write(3, "1000", 4) = 4 [pid 6280] close(3) = 0 [pid 6280] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6279] <... write resumed>) = 2097152 [pid 6280] memfd_create("syzkaller", 0) = 3 [pid 6280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6279] munmap(0x7f3feae00000, 138412032 [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3) = 0 [ 248.439275][ T6278] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6279] <... munmap resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6281 [pid 5078] close(3./strace-static-x86_64: Process 6281 attached [pid 6281] set_robust_list(0x555556d3f660, 24) = 0 [pid 6281] chdir("./235" [pid 5078] <... close resumed>) = 0 [pid 6281] <... chdir resumed>) = 0 [pid 6281] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6281] setpgid(0, 0) = 0 [pid 6281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6279] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6278] <... mount resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6281] <... openat resumed>) = 3 [pid 6281] write(3, "1000", 4) = 4 [pid 6281] close(3) = 0 [pid 6281] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 6282 attached [pid 6281] memfd_create("syzkaller", 0 [pid 6279] <... openat resumed>) = 4 [pid 6278] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6282] set_robust_list(0x555556d3f660, 24 [pid 6279] ioctl(4, LOOP_SET_FD, 3 [pid 6282] <... set_robust_list resumed>) = 0 [pid 6278] <... openat resumed>) = 3 [pid 6282] chdir("./239" [pid 6278] chdir("./file0" [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6282 [pid 6282] <... chdir resumed>) = 0 [pid 6278] <... chdir resumed>) = 0 [pid 6282] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6279] <... ioctl resumed>) = 0 [pid 6278] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6279] close(3 [pid 6282] <... prctl resumed>) = 0 [pid 6281] <... memfd_create resumed>) = 3 [pid 6279] <... close resumed>) = 0 [pid 6278] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6282] setpgid(0, 0 [pid 6281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6280] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6279] close(4 [pid 6278] exit_group(0 [pid 6282] <... setpgid resumed>) = 0 [pid 6281] <... mmap resumed>) = 0x7f3feae00000 [pid 6278] <... exit_group resumed>) = ? [pid 6282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6279] <... close resumed>) = 0 [pid 6278] +++ exited with 0 +++ [pid 6279] mkdir("./file0", 0777 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6278, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 6282] <... openat resumed>) = 3 [pid 6279] <... mkdir resumed>) = 0 [pid 5077] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6282] write(3, "1000", 4) = 4 [pid 5077] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6282] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6282] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6282] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... openat resumed>) = 3 [pid 6282] <... symlink resumed>) = 0 [ 248.542813][ T6279] loop3: detected capacity change from 0 to 4096 [pid 6279] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5077] newfstatat(3, "", [pid 6282] memfd_create("syzkaller", 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6282] <... memfd_create resumed>) = 3 [pid 5077] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6282] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] newfstatat(AT_FDCWD, "./236/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./236/binderfs") = 0 [pid 5077] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5077] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./236/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./236/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6280] <... write resumed>) = 2097152 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [ 248.593232][ T6279] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5077] close(4 [pid 6280] munmap(0x7f3feae00000, 138412032 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./236/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 6281] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6280] <... munmap resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./236") = 0 [pid 6280] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] mkdir("./237", 0777 [pid 6280] <... openat resumed>) = 4 [pid 6280] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... mkdir resumed>) = 0 [pid 6282] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6279] <... mount resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6280] <... ioctl resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6280] close(3 [pid 6281] <... write resumed>) = 2097152 [pid 6280] <... close resumed>) = 0 [pid 6279] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6280] close(4 [pid 6279] <... openat resumed>) = 3 [pid 6281] munmap(0x7f3feae00000, 138412032 [pid 6280] <... close resumed>) = 0 [pid 6280] mkdir("./file0", 0777 [pid 6279] chdir("./file0") = 0 [pid 6279] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6280] <... mkdir resumed>) = 0 [pid 6279] exit_group(0) = ? [pid 6280] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6279] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6279, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [ 248.684513][ T6280] loop0: detected capacity change from 0 to 4096 [pid 6281] <... munmap resumed>) = 0 [pid 6281] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6281] <... openat resumed>) = 4 [pid 6281] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... openat resumed>) = 3 [pid 6282] <... write resumed>) = 2097152 [pid 6281] <... ioctl resumed>) = 0 [pid 6282] munmap(0x7f3feae00000, 138412032 [pid 6281] close(3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6281] <... close resumed>) = 0 [pid 6281] close(4 [pid 5079] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6281] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6281] mkdir("./file0", 0777 [pid 5079] newfstatat(AT_FDCWD, "./236/binderfs", [pid 6281] <... mkdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 248.729368][ T6280] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 248.750341][ T6281] loop4: detected capacity change from 0 to 4096 [pid 6281] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] unlink("./236/binderfs" [pid 6280] <... mount resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 6282] <... munmap resumed>) = 0 [pid 6280] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6282] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6280] <... openat resumed>) = 3 [pid 6282] <... openat resumed>) = 4 [pid 6280] chdir("./file0") = 0 [pid 6282] ioctl(4, LOOP_SET_FD, 3 [pid 6280] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6280] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6280] exit_group(0) = ? [pid 6280] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6280, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] umount2("./234", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", [pid 5079] <... umount2 resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./234/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./234/binderfs", [pid 5079] newfstatat(AT_FDCWD, "./236/file0", [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./234/binderfs" [pid 5079] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] <... unlink resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./236/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... ioctl resumed>) = 0 [pid 5076] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 4 [pid 5077] close(3 [pid 5079] newfstatat(4, "", [pid 5077] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6283 attached [pid 5079] getdents64(4, [pid 5076] <... umount2 resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6283 [pid 5076] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6283] set_robust_list(0x555556d3f660, 24 [pid 5079] getdents64(4, [pid 6283] <... set_robust_list resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6283] chdir("./237" [pid 6282] <... ioctl resumed>) = 0 [pid 5079] close(4 [pid 5076] newfstatat(AT_FDCWD, "./234/file0", [pid 6282] close(3 [pid 5079] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6282] <... close resumed>) = 0 [pid 5079] rmdir("./236/file0" [pid 6282] close(4 [pid 5076] umount2("./234/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6282] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6283] <... chdir resumed>) = 0 [ 248.793426][ T6281] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 248.802486][ T6282] loop2: detected capacity change from 0 to 4096 [pid 6282] mkdir("./file0", 0777 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./234/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6283] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6282] <... mkdir resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 6283] <... prctl resumed>) = 0 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6282] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5076] getdents64(4, [pid 6283] setpgid(0, 0 [pid 5079] getdents64(3, [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6283] <... setpgid resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] close(3 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5079] <... close resumed>) = 0 [pid 6283] <... openat resumed>) = 3 [pid 5079] rmdir("./236" [pid 6283] write(3, "1000", 4 [pid 5076] rmdir("./234/file0" [pid 6283] <... write resumed>) = 4 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6283] close(3) = 0 [pid 5079] mkdir("./237", 0777 [pid 5076] getdents64(3, [pid 6283] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6283] memfd_create("syzkaller", 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./234" [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5076] mkdir("./235", 0777 [pid 6283] <... memfd_create resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6283] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... mkdir resumed>) = 0 [pid 6283] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 248.859787][ T6282] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6281] <... mount resumed>) = 0 [pid 6281] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6281] chdir("./file0") = 0 [pid 6281] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5079] <... ioctl resumed>) = 0 [pid 6281] exit_group(0 [pid 6282] <... mount resumed>) = 0 [pid 6281] <... exit_group resumed>) = ? [pid 6282] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6282] chdir("./file0") = 0 [pid 6282] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6282] exit_group(0) = ? [pid 6282] +++ exited with 0 +++ [pid 6281] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6281, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6282, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5078] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(3, "", [pid 5080] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./239/binderfs", [pid 5080] newfstatat(AT_FDCWD, "./235/binderfs", [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./239/binderfs" [pid 6283] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5080] unlink("./235/binderfs" [pid 5079] close(3 [pid 5078] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... unlink resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./239/file0", ./strace-static-x86_64: Process 6284 attached [pid 5080] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6284] set_robust_list(0x555556d3f660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6284 [pid 5078] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6284] <... set_robust_list resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./239/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", [pid 6284] chdir("./237" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3 [pid 6284] <... chdir resumed>) = 0 [pid 5078] getdents64(4, [pid 5076] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6284] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... umount2 resumed>) = 0 [pid 6284] <... prctl resumed>) = 0 [pid 5078] getdents64(4, [pid 6284] setpgid(0, 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6284] <... setpgid resumed>) = 0 [pid 5080] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(4./strace-static-x86_64: Process 6285 attached [pid 6284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... close resumed>) = 0 [pid 6285] set_robust_list(0x555556d3f660, 24 [pid 5078] rmdir("./239/file0" [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6285 [pid 6285] <... set_robust_list resumed>) = 0 [pid 6284] <... openat resumed>) = 3 [pid 5080] newfstatat(AT_FDCWD, "./235/file0", [pid 5078] <... rmdir resumed>) = 0 [pid 6285] chdir("./235" [pid 6284] write(3, "1000", 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6284] <... write resumed>) = 4 [pid 5080] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6285] <... chdir resumed>) = 0 [pid 6284] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6285] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] openat(AT_FDCWD, "./235/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] getdents64(3, [pid 6285] <... prctl resumed>) = 0 [pid 6284] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] newfstatat(4, "", [pid 6285] setpgid(0, 0 [pid 6284] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] close(3 [pid 6285] <... setpgid resumed>) = 0 [pid 5080] getdents64(4, [pid 5078] <... close resumed>) = 0 [pid 6285] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6284] <... symlink resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] rmdir("./239" [pid 5080] getdents64(4, [pid 6285] <... openat resumed>) = 3 [pid 6284] memfd_create("syzkaller", 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6285] write(3, "1000", 4 [pid 5078] mkdir("./240", 0777 [pid 6285] <... write resumed>) = 4 [pid 5078] <... mkdir resumed>) = 0 [pid 6285] close(3 [pid 5080] close(4) = 0 [pid 5080] rmdir("./235/file0" [pid 6285] <... close resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6285] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... rmdir resumed>) = 0 [pid 6285] <... symlink resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5080] getdents64(3, [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6285] memfd_create("syzkaller", 0 [pid 6284] <... memfd_create resumed>) = 3 [pid 5080] close(3) = 0 [pid 5080] rmdir("./235") = 0 [pid 6285] <... memfd_create resumed>) = 3 [pid 6284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6284] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] mkdir("./236", 0777) = 0 [pid 6283] <... write resumed>) = 2097152 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6284] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6283] munmap(0x7f3feae00000, 138412032 [pid 6285] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6283] <... munmap resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6283] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] close(3) = 0 [pid 6283] <... openat resumed>) = 4 [pid 6283] ioctl(4, LOOP_SET_FD, 3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6286 attached , child_tidptr=0x555556d3f650) = 6286 [pid 6286] set_robust_list(0x555556d3f660, 24 [pid 6283] <... ioctl resumed>) = 0 [pid 6286] <... set_robust_list resumed>) = 0 [pid 6284] <... write resumed>) = 2097152 [pid 6283] close(3 [pid 6286] chdir("./240" [pid 6284] munmap(0x7f3feae00000, 138412032 [pid 6283] <... close resumed>) = 0 [pid 6286] <... chdir resumed>) = 0 [pid 6286] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6285] <... write resumed>) = 2097152 [pid 6284] <... munmap resumed>) = 0 [pid 6283] close(4 [pid 5080] <... ioctl resumed>) = 0 [pid 6286] setpgid(0, 0 [pid 6283] <... close resumed>) = 0 [pid 6286] <... setpgid resumed>) = 0 [pid 6284] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] close(3 [pid 6286] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6284] <... openat resumed>) = 4 [pid 5080] <... close resumed>) = 0 [ 249.179026][ T6283] loop1: detected capacity change from 0 to 4096 [pid 6284] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6286] <... openat resumed>) = 3 [pid 6285] munmap(0x7f3feae00000, 138412032 [pid 6284] close(3 [pid 6283] mkdir("./file0", 0777 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6286] write(3, "1000", 4 [pid 6284] <... close resumed>) = 0 [pid 6284] close(4 [pid 6286] <... write resumed>) = 4 [pid 6284] <... close resumed>) = 0 [pid 6284] mkdir("./file0", 0777 [pid 6286] close(3) = 0 [pid 6283] <... mkdir resumed>) = 0 [pid 6286] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 6287 attached [pid 6286] memfd_create("syzkaller", 0 [pid 6285] <... munmap resumed>) = 0 [pid 6284] <... mkdir resumed>) = 0 [pid 6283] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6286] <... memfd_create resumed>) = 3 [pid 6284] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6287] set_robust_list(0x555556d3f660, 24 [pid 6286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 249.222549][ T6284] loop3: detected capacity change from 0 to 4096 [ 249.260163][ T6283] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6285] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6287 [pid 6287] <... set_robust_list resumed>) = 0 [pid 6286] <... mmap resumed>) = 0x7f3feae00000 [pid 6285] <... openat resumed>) = 4 [pid 6287] chdir("./236" [pid 6285] ioctl(4, LOOP_SET_FD, 3 [pid 6287] <... chdir resumed>) = 0 [pid 6285] <... ioctl resumed>) = 0 [pid 6287] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6287] setpgid(0, 0) = 0 [pid 6287] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6287] write(3, "1000", 4) = 4 [pid 6287] close(3) = 0 [pid 6287] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6285] close(3) = 0 [pid 6285] close(4) = 0 [pid 6285] mkdir("./file0", 0777) = 0 [pid 6287] memfd_create("syzkaller", 0) = 3 [pid 6287] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 249.261349][ T6284] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 249.280657][ T6285] loop0: detected capacity change from 0 to 4096 [pid 6285] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6287] <... mmap resumed>) = 0x7f3feae00000 [pid 6283] <... mount resumed>) = 0 [pid 6283] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6284] <... mount resumed>) = 0 [pid 6283] chdir("./file0") = 0 [pid 6283] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6284] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6284] chdir("./file0") = 0 [pid 6284] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6284] exit_group(0 [pid 6283] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 249.330799][ T6285] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6284] <... exit_group resumed>) = ? [pid 6283] exit_group(0) = ? [pid 6284] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6284, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5079] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", [pid 6283] +++ exited with 0 +++ [pid 6286] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6283, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5077] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6285] <... mount resumed>) = 0 [pid 5079] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6285] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, [pid 5079] newfstatat(AT_FDCWD, "./237/binderfs", [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6285] <... openat resumed>) = 3 [pid 5079] unlink("./237/binderfs" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./237/binderfs", [pid 5079] <... unlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6285] chdir("./file0" [pid 5079] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6285] <... chdir resumed>) = 0 [pid 5077] unlink("./237/binderfs") = 0 [pid 6285] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... umount2 resumed>) = 0 [pid 5077] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6285] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6287] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6285] exit_group(0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6285] <... exit_group resumed>) = ? [pid 5079] newfstatat(AT_FDCWD, "./237/file0", [pid 5077] <... umount2 resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./237/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./237/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6286] <... write resumed>) = 2097152 [pid 6285] +++ exited with 0 +++ [pid 5079] <... openat resumed>) = 4 [pid 5077] openat(AT_FDCWD, "./237/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] newfstatat(4, "", [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6285, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5079] getdents64(4, [pid 5077] newfstatat(4, "", [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 5077] getdents64(4, [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 5079] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] rmdir("./237/file0" [pid 5077] close(4 [pid 5076] umount2("./235", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] rmdir("./237/file0" [pid 6286] munmap(0x7f3feae00000, 138412032 [pid 5079] getdents64(3, [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] getdents64(3, [pid 5076] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] close(3 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6286] <... munmap resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5079] rmdir("./237" [pid 5076] newfstatat(3, "", [pid 5077] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] rmdir("./237" [pid 5076] getdents64(3, [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./238", 0777 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] mkdir("./238", 0777 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] umount2("./235/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... openat resumed>) = 3 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] newfstatat(AT_FDCWD, "./235/binderfs", [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6286] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] unlink("./235/binderfs" [pid 6286] <... openat resumed>) = 4 [pid 6286] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... unlink resumed>) = 0 [pid 6287] <... write resumed>) = 2097152 [pid 6287] munmap(0x7f3feae00000, 138412032 [pid 5076] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6287] <... munmap resumed>) = 0 [pid 6287] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6286] <... ioctl resumed>) = 0 [pid 6287] <... openat resumed>) = 4 [pid 6286] close(3 [pid 6287] ioctl(4, LOOP_SET_FD, 3 [pid 6286] <... close resumed>) = 0 [pid 6286] close(4) = 0 [pid 6286] mkdir("./file0", 0777) = 0 [pid 6287] <... ioctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 6287] close(3) = 0 [pid 6286] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6287] close(4 [pid 5076] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6287] <... close resumed>) = 0 [pid 6287] mkdir("./file0", 0777) = 0 [pid 5076] newfstatat(AT_FDCWD, "./235/file0", [pid 6287] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 249.517842][ T6286] loop2: detected capacity change from 0 to 4096 [ 249.527415][ T6287] loop4: detected capacity change from 0 to 4096 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] umount2("./235/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] close(3) = 0 [pid 5077] close(3 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] openat(AT_FDCWD, "./235/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] getdents64(4, [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./235/file0") = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6288 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6288 attached [pid 6288] set_robust_list(0x555556d3f660, 24 [pid 5076] close(3 [pid 6288] <... set_robust_list resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./235"./strace-static-x86_64: Process 6289 attached [pid 6289] set_robust_list(0x555556d3f660, 24 [pid 5076] <... rmdir resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6289 [pid 6288] chdir("./238" [pid 6289] <... set_robust_list resumed>) = 0 [pid 6288] <... chdir resumed>) = 0 [pid 6289] chdir("./238" [pid 6288] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5076] mkdir("./236", 0777 [ 249.558316][ T6286] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 249.567679][ T6287] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6288] setpgid(0, 0) = 0 [pid 6289] <... chdir resumed>) = 0 [pid 6289] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6289] setpgid(0, 0) = 0 [pid 6289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6289] write(3, "1000", 4 [pid 6288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... mkdir resumed>) = 0 [pid 6289] <... write resumed>) = 4 [pid 6289] close(3 [pid 6288] <... openat resumed>) = 3 [pid 6288] write(3, "1000", 4 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6289] <... close resumed>) = 0 [pid 6289] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] <... openat resumed>) = 3 [pid 6288] <... write resumed>) = 4 [pid 6288] close(3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6289] memfd_create("syzkaller", 0 [pid 6288] <... close resumed>) = 0 [pid 6288] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6286] <... mount resumed>) = 0 [pid 6288] memfd_create("syzkaller", 0 [pid 6286] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6288] <... memfd_create resumed>) = 3 [pid 6289] <... memfd_create resumed>) = 3 [pid 6286] <... openat resumed>) = 3 [pid 6289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6286] chdir("./file0" [pid 6289] <... mmap resumed>) = 0x7f3feae00000 [pid 6286] <... chdir resumed>) = 0 [pid 6288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6286] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6288] <... mmap resumed>) = 0x7f3feae00000 [pid 6286] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6286] exit_group(0 [pid 6287] <... mount resumed>) = 0 [pid 6286] <... exit_group resumed>) = ? [pid 6287] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6286] +++ exited with 0 +++ [pid 5076] <... ioctl resumed>) = 0 [pid 6287] chdir("./file0" [pid 5076] close(3 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6286, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6287] <... chdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6287] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] newfstatat(3, "", [pid 6287] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6290 ./strace-static-x86_64: Process 6290 attached [pid 6287] exit_group(0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6287] <... exit_group resumed>) = ? [pid 5078] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6290] set_robust_list(0x555556d3f660, 24 [pid 6287] +++ exited with 0 +++ [pid 6290] <... set_robust_list resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6287, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=8 /* 0.08 s */} --- [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./240/binderfs", [pid 6290] chdir("./236") = 0 [pid 5080] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6290] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6288] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] unlink("./240/binderfs" [pid 6290] <... prctl resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 5078] <... umount2 resumed>) = 0 [pid 6290] setpgid(0, 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6290] <... setpgid resumed>) = 0 [pid 6290] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./236/binderfs", [pid 6290] <... openat resumed>) = 3 [pid 5078] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6290] write(3, "1000", 4 [pid 5078] newfstatat(AT_FDCWD, "./240/file0", [pid 6290] <... write resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6290] close(3 [pid 5078] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6290] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6290] symlink("/dev/binderfs", "./binderfs" [pid 5078] openat(AT_FDCWD, "./240/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6290] <... symlink resumed>) = 0 [pid 6289] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] unlink("./236/binderfs" [pid 5078] <... openat resumed>) = 4 [pid 6290] memfd_create("syzkaller", 0 [pid 5078] newfstatat(4, "", [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6290] <... memfd_create resumed>) = 3 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6290] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5080] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./240/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./236/file0", [pid 5078] rmdir("./240" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... rmdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6288] <... write resumed>) = 2097152 [pid 5080] openat(AT_FDCWD, "./236/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] mkdir("./241", 0777) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6288] munmap(0x7f3feae00000, 138412032 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 6290] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6289] <... write resumed>) = 2097152 [pid 6288] <... munmap resumed>) = 0 [pid 5080] rmdir("./236/file0" [pid 6289] munmap(0x7f3feae00000, 138412032 [pid 6288] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... rmdir resumed>) = 0 [pid 6288] <... openat resumed>) = 4 [pid 6288] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5080] getdents64(3, [pid 6289] <... munmap resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./236") = 0 [pid 6289] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 249.861727][ T6288] loop1: detected capacity change from 0 to 4096 [pid 6289] ioctl(4, LOOP_SET_FD, 3 [pid 6290] <... write resumed>) = 2097152 [pid 6288] close(3 [pid 5080] mkdir("./237", 0777 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6291 attached [pid 6290] munmap(0x7f3feae00000, 138412032 [pid 6289] <... ioctl resumed>) = 0 [pid 6288] <... close resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 6288] close(4 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6289] close(3 [pid 6288] <... close resumed>) = 0 [pid 6291] set_robust_list(0x555556d3f660, 24 [pid 6289] <... close resumed>) = 0 [pid 6288] mkdir("./file0", 0777 [pid 5080] <... openat resumed>) = 3 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6291 [pid 6291] <... set_robust_list resumed>) = 0 [pid 6291] chdir("./241" [pid 6288] <... mkdir resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6291] <... chdir resumed>) = 0 [pid 6289] close(4 [pid 6288] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6291] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6289] <... close resumed>) = 0 [pid 6289] mkdir("./file0", 0777 [pid 6291] <... prctl resumed>) = 0 [pid 6291] setpgid(0, 0) = 0 [ 249.906144][ T6289] loop3: detected capacity change from 0 to 4096 [ 249.935270][ T6288] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6291] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6289] <... mkdir resumed>) = 0 [pid 6291] <... openat resumed>) = 3 [pid 6290] <... munmap resumed>) = 0 [pid 6291] write(3, "1000", 4 [pid 6290] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6291] <... write resumed>) = 4 [pid 6290] <... openat resumed>) = 4 [pid 6291] close(3) = 0 [pid 6290] ioctl(4, LOOP_SET_FD, 3 [pid 6291] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6291] memfd_create("syzkaller", 0 [pid 6290] <... ioctl resumed>) = 0 [pid 6289] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6291] <... memfd_create resumed>) = 3 [pid 6291] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6290] close(3) = 0 [pid 6290] close(4) = 0 [pid 6290] mkdir("./file0", 0777) = 0 [ 249.949935][ T6290] loop0: detected capacity change from 0 to 4096 [ 249.970739][ T6289] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6290] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6288] <... mount resumed>) = 0 [pid 6288] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6288] chdir("./file0") = 0 [pid 6288] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6288] exit_group(0) = ? [pid 6288] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6288, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5080] close(3 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] <... close resumed>) = 0 [pid 5077] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./238/binderfs", [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6292 attached [pid 6292] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6292 [pid 5077] unlink("./238/binderfs" [pid 6292] <... set_robust_list resumed>) = 0 [ 250.013310][ T6290] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6292] chdir("./237" [pid 5077] <... unlink resumed>) = 0 [pid 6292] <... chdir resumed>) = 0 [pid 5077] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6292] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... umount2 resumed>) = 0 [pid 6292] <... prctl resumed>) = 0 [pid 6292] setpgid(0, 0 [pid 6291] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6292] <... setpgid resumed>) = 0 [pid 6292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./238/file0", [pid 6292] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./238/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6292] write(3, "1000", 4 [pid 5077] <... openat resumed>) = 4 [pid 6292] <... write resumed>) = 4 [pid 5077] newfstatat(4, "", [pid 6289] <... mount resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6292] close(3 [pid 6289] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6292] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 6292] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6292] <... symlink resumed>) = 0 [pid 6289] <... openat resumed>) = 3 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6289] chdir("./file0") = 0 [pid 5077] close(4 [pid 6289] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... close resumed>) = 0 [pid 6292] memfd_create("syzkaller", 0 [pid 6289] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] rmdir("./238/file0" [pid 6292] <... memfd_create resumed>) = 3 [pid 6289] exit_group(0 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, [pid 6289] <... exit_group resumed>) = ? [pid 6292] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./238" [pid 6292] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./239", 0777) = 0 [pid 6289] +++ exited with 0 +++ [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6291] <... write resumed>) = 2097152 [pid 5077] <... openat resumed>) = 3 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6289, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6291] munmap(0x7f3feae00000, 138412032 [pid 5079] getdents64(3, [pid 6291] <... munmap resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./238/binderfs", [pid 6291] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./238/binderfs" [pid 6291] <... openat resumed>) = 4 [pid 6291] ioctl(4, LOOP_SET_FD, 3 [pid 6290] <... mount resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 6290] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6290] chdir("./file0" [pid 6292] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6291] <... ioctl resumed>) = 0 [pid 5079] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6291] close(3 [pid 6290] <... chdir resumed>) = 0 [pid 6291] <... close resumed>) = 0 [pid 6291] close(4) = 0 [pid 6290] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... umount2 resumed>) = 0 [pid 6291] mkdir("./file0", 0777) = 0 [pid 6291] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6290] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6290] exit_group(0 [pid 5079] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./238/file0", [pid 6290] <... exit_group resumed>) = ? [pid 6290] +++ exited with 0 +++ [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5079] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6290, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5076] umount2("./236", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6293 ./strace-static-x86_64: Process 6293 attached [pid 6293] set_robust_list(0x555556d3f660, 24 [pid 5076] getdents64(3, [pid 5079] openat(AT_FDCWD, "./238/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6293] <... set_robust_list resumed>) = 0 [pid 6293] chdir("./239" [pid 5079] <... openat resumed>) = 4 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6293] <... chdir resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 6293] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./236/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] getdents64(4, [pid 6293] <... prctl resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./236/binderfs", [pid 5079] getdents64(4, [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6293] setpgid(0, 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] unlink("./236/binderfs" [pid 6293] <... setpgid resumed>) = 0 [pid 5079] close(4 [pid 5076] <... unlink resumed>) = 0 [pid 6293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6292] <... write resumed>) = 2097152 [pid 5076] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6293] <... openat resumed>) = 3 [pid 6292] munmap(0x7f3feae00000, 138412032 [pid 5079] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [ 250.190036][ T6291] loop2: detected capacity change from 0 to 4096 [ 250.225765][ T6291] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6293] write(3, "1000", 4 [pid 5076] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6293] <... write resumed>) = 4 [pid 6293] close(3) = 0 [pid 6293] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6293] <... symlink resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./236/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6293] memfd_create("syzkaller", 0 [pid 5076] umount2("./236/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./236/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", [pid 5079] rmdir("./238/file0" [pid 6293] <... memfd_create resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 6293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6292] <... munmap resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6293] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 6292] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... close resumed>) = 0 [pid 6292] <... openat resumed>) = 4 [pid 5079] getdents64(3, [pid 5076] rmdir("./236/file0" [pid 6292] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5079] close(3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./236") = 0 [pid 5076] mkdir("./237", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./238" [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./239", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6292] <... ioctl resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6292] close(3) = 0 [pid 6292] close(4) = 0 [ 250.295263][ T6292] loop4: detected capacity change from 0 to 4096 [pid 6292] mkdir("./file0", 0777) = 0 [pid 6291] <... mount resumed>) = 0 [pid 6292] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6293] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6291] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6291] chdir("./file0") = 0 [pid 6291] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6291] exit_group(0) = ? [pid 6291] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6291, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5078] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 250.365303][ T6292] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5076] <... ioctl resumed>) = 0 [pid 5076] close(3) = 0 [pid 5078] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6294 ./strace-static-x86_64: Process 6294 attached [pid 6294] set_robust_list(0x555556d3f660, 24) = 0 [pid 6294] chdir("./237" [pid 5078] unlink("./241/binderfs") = 0 [pid 6294] <... chdir resumed>) = 0 [pid 6294] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6294] <... prctl resumed>) = 0 [pid 6294] setpgid(0, 0) = 0 [pid 6294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 6294] <... openat resumed>) = 3 [pid 6294] write(3, "1000", 4 [pid 6292] <... mount resumed>) = 0 [pid 6294] <... write resumed>) = 4 [pid 5079] close(3) = 0 [pid 6292] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6294] close(3 [pid 6292] <... openat resumed>) = 3 [pid 6292] chdir("./file0" [pid 6294] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6294] symlink("/dev/binderfs", "./binderfs" [pid 5078] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6294] <... symlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6294] memfd_create("syzkaller", 0 [pid 6292] <... chdir resumed>) = 0 [pid 6292] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6295 [pid 5078] newfstatat(AT_FDCWD, "./241/file0", ./strace-static-x86_64: Process 6295 attached [pid 6292] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6295] set_robust_list(0x555556d3f660, 24 [pid 5078] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6295] <... set_robust_list resumed>) = 0 [pid 6294] <... memfd_create resumed>) = 3 [pid 6293] <... write resumed>) = 2097152 [pid 6292] exit_group(0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6295] chdir("./239" [pid 6294] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6293] munmap(0x7f3feae00000, 138412032 [pid 6292] <... exit_group resumed>) = ? [pid 5078] openat(AT_FDCWD, "./241/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6294] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... openat resumed>) = 4 [pid 5078] newfstatat(4, "", [pid 6293] <... munmap resumed>) = 0 [pid 6295] <... chdir resumed>) = 0 [pid 6295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6295] setpgid(0, 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6295] <... setpgid resumed>) = 0 [pid 6292] +++ exited with 0 +++ [pid 5078] getdents64(4, [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6292, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 6293] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] getdents64(4, [pid 6295] <... openat resumed>) = 3 [pid 5080] <... restart_syscall resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6295] write(3, "1000", 4 [pid 5078] close(4 [pid 6295] <... write resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 6295] close(3 [pid 5078] rmdir("./241/file0" [pid 6295] <... close resumed>) = 0 [pid 6295] symlink("/dev/binderfs", "./binderfs" [pid 6293] <... openat resumed>) = 4 [pid 5078] <... rmdir resumed>) = 0 [pid 6293] ioctl(4, LOOP_SET_FD, 3 [pid 6295] <... symlink resumed>) = 0 [pid 5080] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 5078] getdents64(3, [pid 6293] <... ioctl resumed>) = 0 [pid 6295] memfd_create("syzkaller", 0 [pid 6294] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6293] close(3 [pid 6295] <... memfd_create resumed>) = 3 [pid 6295] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6293] <... close resumed>) = 0 [pid 6295] <... mmap resumed>) = 0x7f3feae00000 [pid 6293] close(4) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 5080] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] rmdir("./241" [pid 6293] mkdir("./file0", 0777 [pid 5080] newfstatat(AT_FDCWD, "./237/binderfs", [pid 6293] <... mkdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./237/binderfs") = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6293] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5078] mkdir("./242", 0777) = 0 [ 250.530294][ T6293] loop1: detected capacity change from 0 to 4096 [pid 5080] <... umount2 resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6294] <... write resumed>) = 2097152 [pid 5080] newfstatat(AT_FDCWD, "./237/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6294] munmap(0x7f3feae00000, 138412032 [pid 5080] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./237/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6294] <... munmap resumed>) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./237/file0") = 0 [pid 5080] getdents64(3, [pid 6294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [ 250.580154][ T6293] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] close(3) = 0 [pid 5080] rmdir("./237") = 0 [pid 5080] mkdir("./238", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6294] ioctl(4, LOOP_SET_FD, 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6294] <... ioctl resumed>) = 0 [pid 6295] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6294] close(3) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 6294] close(4 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6294] <... close resumed>) = 0 ./strace-static-x86_64: Process 6296 attached [pid 6295] <... write resumed>) = 2097152 [pid 6294] mkdir("./file0", 0777 [pid 6296] set_robust_list(0x555556d3f660, 24 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6296 [pid 6296] <... set_robust_list resumed>) = 0 [pid 6296] chdir("./242") = 0 [pid 6296] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6295] munmap(0x7f3feae00000, 138412032 [pid 6294] <... mkdir resumed>) = 0 [pid 6296] <... prctl resumed>) = 0 [ 250.650174][ T6294] loop0: detected capacity change from 0 to 4096 [pid 6296] setpgid(0, 0) = 0 [pid 6295] <... munmap resumed>) = 0 [pid 6294] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6295] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6296] <... openat resumed>) = 3 [pid 6295] <... openat resumed>) = 4 [pid 6295] ioctl(4, LOOP_SET_FD, 3 [pid 6296] write(3, "1000", 4) = 4 [pid 6296] close(3 [pid 6293] <... mount resumed>) = 0 [pid 6296] <... close resumed>) = 0 [pid 6293] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6296] symlink("/dev/binderfs", "./binderfs" [pid 6293] chdir("./file0" [pid 6296] <... symlink resumed>) = 0 [pid 6293] <... chdir resumed>) = 0 [pid 6295] <... ioctl resumed>) = 0 [pid 6293] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... ioctl resumed>) = 0 [pid 6296] memfd_create("syzkaller", 0) = 3 [pid 6295] close(3 [pid 6293] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] close(3 [pid 6296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6295] <... close resumed>) = 0 [pid 6293] exit_group(0 [pid 5080] <... close resumed>) = 0 [pid 6296] <... mmap resumed>) = 0x7f3feae00000 [pid 6295] close(4 [pid 6293] <... exit_group resumed>) = ? [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6295] <... close resumed>) = 0 [pid 6295] mkdir("./file0", 0777 [pid 6293] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6293, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5077] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6295] <... mkdir resumed>) = 0 [ 250.722358][ T6294] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 250.737257][ T6295] loop3: detected capacity change from 0 to 4096 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6297 attached [pid 6295] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6297 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./239/binderfs") = 0 [pid 5077] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6297] set_robust_list(0x555556d3f660, 24 [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./239/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6297] <... set_robust_list resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./239/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [pid 6297] chdir("./238" [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./239/file0") = 0 [pid 6297] <... chdir resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./239") = 0 [pid 5077] mkdir("./240", 0777) = 0 [pid 6297] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6297] <... prctl resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6297] setpgid(0, 0) = 0 [pid 6297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6294] <... mount resumed>) = 0 [pid 6297] <... openat resumed>) = 3 [pid 6294] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6294] chdir("./file0" [pid 6297] write(3, "1000", 4 [pid 6294] <... chdir resumed>) = 0 [pid 6297] <... write resumed>) = 4 [pid 6294] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6297] close(3) = 0 [pid 6297] symlink("/dev/binderfs", "./binderfs" [pid 6294] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6297] <... symlink resumed>) = 0 [pid 6297] memfd_create("syzkaller", 0 [pid 6294] exit_group(0) = ? [pid 6297] <... memfd_create resumed>) = 3 [pid 6297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6294] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6294, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./237", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./237/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 250.807237][ T6295] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5076] newfstatat(AT_FDCWD, "./237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./237/binderfs" [pid 6296] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3 [pid 5076] <... umount2 resumed>) = 0 [pid 6295] <... mount resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6296] <... write resumed>) = 2097152 [pid 6295] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./237/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./237/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./237/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", [pid 6295] <... openat resumed>) = 3 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6298 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6298 attached [pid 6295] chdir("./file0") = 0 [pid 6298] set_robust_list(0x555556d3f660, 24 [pid 5076] getdents64(4, [pid 6298] <... set_robust_list resumed>) = 0 [pid 6295] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6295] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] getdents64(4, [pid 6298] chdir("./240" [pid 6295] exit_group(0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6298] <... chdir resumed>) = 0 [pid 5076] close(4 [pid 6298] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6297] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6296] munmap(0x7f3feae00000, 138412032 [pid 6295] <... exit_group resumed>) = ? [pid 6298] <... prctl resumed>) = 0 [pid 6296] <... munmap resumed>) = 0 [pid 6295] +++ exited with 0 +++ [pid 5076] <... close resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6295, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 6298] setpgid(0, 0) = 0 [pid 6298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] rmdir("./237/file0" [pid 6298] <... openat resumed>) = 3 [pid 5079] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 6298] write(3, "1000", 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(3, [pid 6298] <... write resumed>) = 4 [pid 5079] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6298] close(3 [pid 5079] <... openat resumed>) = 3 [pid 5076] close(3) = 0 [pid 5079] newfstatat(3, "", [pid 5076] rmdir("./237" [pid 6298] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6298] symlink("/dev/binderfs", "./binderfs" [pid 6296] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] getdents64(3, [pid 5076] mkdir("./238", 0777 [pid 6298] <... symlink resumed>) = 0 [pid 6296] <... openat resumed>) = 4 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... mkdir resumed>) = 0 [pid 6296] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5079] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6298] memfd_create("syzkaller", 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./239/binderfs" [pid 6298] <... memfd_create resumed>) = 3 [pid 5079] <... unlink resumed>) = 0 [pid 6298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6296] close(3 [pid 6298] <... mmap resumed>) = 0x7f3feae00000 [pid 6297] <... write resumed>) = 2097152 [pid 5079] <... umount2 resumed>) = 0 [pid 6296] <... close resumed>) = 0 [pid 6296] close(4 [pid 6297] munmap(0x7f3feae00000, 138412032 [pid 6296] <... close resumed>) = 0 [pid 5079] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6296] mkdir("./file0", 0777 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6296] <... mkdir resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./239/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./239/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6296] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] getdents64(4, [pid 6297] <... munmap resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./239/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [ 250.980740][ T6296] loop2: detected capacity change from 0 to 4096 [pid 5079] rmdir("./239" [pid 6297] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./240", 0777 [pid 6297] <... openat resumed>) = 4 [pid 6297] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... mkdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6298] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6297] <... ioctl resumed>) = 0 [pid 6297] close(3) = 0 [pid 6297] close(4) = 0 [pid 6297] mkdir("./file0", 0777) = 0 [ 251.031646][ T6296] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 251.046436][ T6297] loop4: detected capacity change from 0 to 4096 [pid 6297] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6298] <... write resumed>) = 2097152 [pid 6296] <... mount resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6298] munmap(0x7f3feae00000, 138412032 [pid 6296] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... ioctl resumed>) = 0 [pid 6296] <... openat resumed>) = 3 [pid 5076] close(3 [pid 6296] chdir("./file0" [pid 5079] close(3 [pid 5076] <... close resumed>) = 0 [ 251.100801][ T6297] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6296] <... chdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6299 attached [pid 6296] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] <... close resumed>) = 0 [pid 6299] set_robust_list(0x555556d3f660, 24 [pid 6296] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6299 [pid 6299] <... set_robust_list resumed>) = 0 [pid 6296] exit_group(0) = ? [pid 6299] chdir("./238" [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6300 ./strace-static-x86_64: Process 6300 attached [pid 6298] <... munmap resumed>) = 0 [pid 6300] set_robust_list(0x555556d3f660, 24 [pid 6298] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6300] <... set_robust_list resumed>) = 0 [pid 6299] <... chdir resumed>) = 0 [pid 6298] <... openat resumed>) = 4 [pid 6299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6299] setpgid(0, 0 [pid 6300] chdir("./240" [pid 6298] ioctl(4, LOOP_SET_FD, 3 [pid 6296] +++ exited with 0 +++ [pid 6299] <... setpgid resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6296, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 6299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6299] write(3, "1000", 4) = 4 [pid 5078] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6300] <... chdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6299] close(3 [pid 5078] <... openat resumed>) = 3 [pid 6299] <... close resumed>) = 0 [pid 5078] newfstatat(3, "", [pid 6299] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6300] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6299] <... symlink resumed>) = 0 [pid 6298] <... ioctl resumed>) = 0 [pid 5078] getdents64(3, [pid 6300] <... prctl resumed>) = 0 [pid 6300] setpgid(0, 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6300] <... setpgid resumed>) = 0 [pid 5078] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6298] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6300] <... openat resumed>) = 3 [pid 6298] <... close resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./242/binderfs", [pid 6300] write(3, "1000", 4 [pid 6299] memfd_create("syzkaller", 0 [pid 6298] close(4 [pid 6297] <... mount resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6300] <... write resumed>) = 4 [pid 6299] <... memfd_create resumed>) = 3 [pid 6298] <... close resumed>) = 0 [pid 6297] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] unlink("./242/binderfs" [pid 6300] close(3 [pid 6299] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6298] mkdir("./file0", 0777 [pid 6297] <... openat resumed>) = 3 [pid 5078] <... unlink resumed>) = 0 [pid 6300] <... close resumed>) = 0 [pid 6299] <... mmap resumed>) = 0x7f3feae00000 [pid 6298] <... mkdir resumed>) = 0 [pid 6297] chdir("./file0" [pid 5078] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6300] symlink("/dev/binderfs", "./binderfs" [pid 6298] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6297] <... chdir resumed>) = 0 [pid 6300] <... symlink resumed>) = 0 [pid 6297] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6300] memfd_create("syzkaller", 0 [ 251.188778][ T6298] loop1: detected capacity change from 0 to 4096 [pid 6297] exit_group(0) = ? [pid 6300] <... memfd_create resumed>) = 3 [pid 6297] +++ exited with 0 +++ [pid 5078] <... umount2 resumed>) = 0 [pid 6300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6300] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6297, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(AT_FDCWD, "./242/file0", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(3, "", [pid 5078] openat(AT_FDCWD, "./242/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] newfstatat(4, "", [pid 5080] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, [pid 5080] newfstatat(AT_FDCWD, "./238/binderfs", [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6299] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] getdents64(4, [pid 5080] unlink("./238/binderfs") = 0 [pid 5080] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5080] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./238/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] rmdir("./242/file0" [pid 5080] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... rmdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 251.246836][ T6298] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5078] getdents64(3, [pid 5080] openat(AT_FDCWD, "./238/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 5078] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... close resumed>) = 0 [pid 5080] getdents64(4, [pid 5078] rmdir("./242" [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./238/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./238" [pid 5078] mkdir("./243", 0777 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5080] mkdir("./239", 0777 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6300] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6299] <... write resumed>) = 2097152 [pid 6298] <... mount resumed>) = 0 [pid 6299] munmap(0x7f3feae00000, 138412032 [pid 6298] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... openat resumed>) = 3 [pid 6298] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6298] chdir("./file0") = 0 [pid 6298] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6300] <... write resumed>) = 2097152 [pid 6299] <... munmap resumed>) = 0 [pid 6298] exit_group(0 [pid 6299] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6298] <... exit_group resumed>) = ? [pid 6300] munmap(0x7f3feae00000, 138412032 [pid 6299] <... openat resumed>) = 4 [pid 6299] ioctl(4, LOOP_SET_FD, 3 [pid 6300] <... munmap resumed>) = 0 [pid 6299] <... ioctl resumed>) = 0 [pid 6298] +++ exited with 0 +++ [pid 6299] close(3) = 0 [pid 6300] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... ioctl resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6298, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5077] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 251.376796][ T6299] loop0: detected capacity change from 0 to 4096 [pid 5077] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6299] close(4 [pid 5078] close(3 [pid 6299] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6300] <... openat resumed>) = 4 [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", [pid 6300] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 6299] mkdir("./file0", 0777 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./240/binderfs") = 0 [pid 5077] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6300] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6301 attached [pid 6300] close(3 [pid 6299] <... mkdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6299] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6301 [pid 6301] set_robust_list(0x555556d3f660, 24 [pid 6300] <... close resumed>) = 0 [pid 6301] <... set_robust_list resumed>) = 0 [pid 6300] close(4 [pid 5077] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6301] chdir("./243" [pid 6300] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6301] <... chdir resumed>) = 0 [pid 6300] mkdir("./file0", 0777 [pid 5080] close(3 [pid 5077] newfstatat(AT_FDCWD, "./240/file0", [pid 6301] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6300] <... mkdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6301] <... prctl resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 6301] setpgid(0, 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6301] <... setpgid resumed>) = 0 [pid 6300] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 251.421925][ T6300] loop3: detected capacity change from 0 to 4096 [ 251.451665][ T6299] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5077] openat(AT_FDCWD, "./240/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6301] <... openat resumed>) = 3 [pid 5077] newfstatat(4, "", ./strace-static-x86_64: Process 6302 attached [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6302 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [pid 6301] write(3, "1000", 4 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6301] <... write resumed>) = 4 [pid 5077] getdents64(4, [pid 6302] set_robust_list(0x555556d3f660, 24 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6301] close(3 [pid 5077] close(4 [pid 6302] <... set_robust_list resumed>) = 0 [pid 6301] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6301] symlink("/dev/binderfs", "./binderfs" [pid 5077] rmdir("./240/file0" [pid 6302] chdir("./239" [pid 6301] <... symlink resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6302] <... chdir resumed>) = 0 [pid 6302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6301] memfd_create("syzkaller", 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6302] <... prctl resumed>) = 0 [ 251.468092][ T6300] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5077] close(3 [pid 6302] setpgid(0, 0 [pid 6301] <... memfd_create resumed>) = 3 [pid 5077] <... close resumed>) = 0 [pid 6302] <... setpgid resumed>) = 0 [pid 6301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] rmdir("./240" [pid 6302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6301] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... rmdir resumed>) = 0 [pid 6302] <... openat resumed>) = 3 [pid 5077] mkdir("./241", 0777 [pid 6302] write(3, "1000", 4) = 4 [pid 6302] close(3) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 6302] symlink("/dev/binderfs", "./binderfs" [pid 6300] <... mount resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6302] <... symlink resumed>) = 0 [pid 6300] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6300] <... openat resumed>) = 3 [pid 6300] chdir("./file0") = 0 [pid 6302] memfd_create("syzkaller", 0 [pid 6300] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6300] exit_group(0) = ? [pid 6302] <... memfd_create resumed>) = 3 [pid 6300] +++ exited with 0 +++ [pid 6302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6300, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5079] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6299] <... mount resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 6299] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] newfstatat(3, "", [pid 6299] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 6299] chdir("./file0") = 0 [pid 6301] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6299] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6299] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6299] exit_group(0) = ? [pid 5079] newfstatat(AT_FDCWD, "./240/binderfs", [pid 6302] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6299] +++ exited with 0 +++ [pid 5079] unlink("./240/binderfs" [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6299, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5079] <... unlink resumed>) = 0 [pid 5076] umount2("./238", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", [pid 5079] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./238/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./238/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./238/binderfs") = 0 [pid 5077] close(3) = 0 [pid 5076] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] newfstatat(AT_FDCWD, "./240/file0", ./strace-static-x86_64: Process 6303 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 6303] set_robust_list(0x555556d3f660, 24 [pid 5079] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6303 [pid 6303] <... set_robust_list resumed>) = 0 [pid 6303] chdir("./241" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6303] <... chdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./240/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6303] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6302] <... write resumed>) = 2097152 [pid 5079] <... openat resumed>) = 4 [pid 5076] newfstatat(AT_FDCWD, "./238/file0", [pid 6303] <... prctl resumed>) = 0 [pid 6302] munmap(0x7f3feae00000, 138412032 [pid 5079] newfstatat(4, "", [pid 6303] setpgid(0, 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6303] <... setpgid resumed>) = 0 [pid 6302] <... munmap resumed>) = 0 [pid 5079] getdents64(4, [pid 5076] umount2("./238/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./238/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6303] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 4 [pid 6303] write(3, "1000", 4 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] newfstatat(4, "", [pid 5079] getdents64(4, [pid 6303] <... write resumed>) = 4 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6303] close(3 [pid 5079] close(4 [pid 6303] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6303] symlink("/dev/binderfs", "./binderfs" [pid 5079] rmdir("./240/file0" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6303] <... symlink resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] getdents64(4, [pid 6302] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6301] <... write resumed>) = 2097152 [pid 5079] getdents64(3, [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6303] memfd_create("syzkaller", 0 [pid 6302] <... openat resumed>) = 4 [pid 6301] munmap(0x7f3feae00000, 138412032 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] getdents64(4, [pid 6303] <... memfd_create resumed>) = 3 [pid 5079] close(3 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... close resumed>) = 0 [pid 6303] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] rmdir("./240" [pid 6302] ioctl(4, LOOP_SET_FD, 3 [pid 5076] close(4 [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./241", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6301] <... munmap resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] rmdir("./238/file0") = 0 [pid 6301] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] getdents64(3, [pid 6301] <... openat resumed>) = 4 [pid 6301] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6302] <... ioctl resumed>) = 0 [pid 5076] close(3 [pid 6302] close(3 [pid 6301] <... ioctl resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6302] <... close resumed>) = 0 [pid 6302] close(4 [pid 6301] close(3 [pid 5076] rmdir("./238" [pid 6302] <... close resumed>) = 0 [pid 6301] <... close resumed>) = 0 [pid 6301] close(4) = 0 [pid 6302] mkdir("./file0", 0777 [pid 6301] mkdir("./file0", 0777 [pid 5076] <... rmdir resumed>) = 0 [pid 6302] <... mkdir resumed>) = 0 [pid 6301] <... mkdir resumed>) = 0 [pid 5076] mkdir("./239", 0777 [pid 6301] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5076] <... mkdir resumed>) = 0 [pid 6302] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 251.711284][ T6302] loop4: detected capacity change from 0 to 4096 [ 251.728075][ T6301] loop2: detected capacity change from 0 to 4096 [ 251.751435][ T6301] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6303] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... openat resumed>) = 3 [ 251.764928][ T6302] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6303] <... write resumed>) = 2097152 [pid 6301] <... mount resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 6301] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6301] chdir("./file0") = 0 [pid 6301] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6301] exit_group(0) = ? [pid 6303] munmap(0x7f3feae00000, 138412032 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6301] +++ exited with 0 +++ [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6304 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6301, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5078] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 6304 attached [pid 5078] newfstatat(3, "", [pid 6304] set_robust_list(0x555556d3f660, 24 [pid 6303] <... munmap resumed>) = 0 [pid 6302] <... mount resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6304] <... set_robust_list resumed>) = 0 [pid 6303] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6302] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] getdents64(3, [pid 5076] <... ioctl resumed>) = 0 [pid 6304] chdir("./241" [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6302] <... openat resumed>) = 3 [pid 6302] chdir("./file0" [pid 5078] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6304] <... chdir resumed>) = 0 [pid 6303] <... openat resumed>) = 4 [pid 6302] <... chdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6304] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6302] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./243/binderfs", [pid 6304] <... prctl resumed>) = 0 [pid 6303] ioctl(4, LOOP_SET_FD, 3 [pid 6302] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] close(3 [pid 6304] setpgid(0, 0 [pid 5078] unlink("./243/binderfs" [pid 6304] <... setpgid resumed>) = 0 [pid 6302] exit_group(0 [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6303] <... ioctl resumed>) = 0 [pid 6302] <... exit_group resumed>) = ? [pid 5076] <... close resumed>) = 0 [pid 6304] <... openat resumed>) = 3 [pid 6304] write(3, "1000", 4) = 4 [pid 6304] close(3) = 0 [pid 6304] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6304] memfd_create("syzkaller", 0 [pid 6303] close(3 [pid 6302] +++ exited with 0 +++ [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6302, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5078] newfstatat(AT_FDCWD, "./243/file0", [pid 5080] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6304] <... memfd_create resumed>) = 3 [pid 5080] <... openat resumed>) = 3 [pid 5078] openat(AT_FDCWD, "./243/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6303] <... close resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 5078] <... openat resumed>) = 4 ./strace-static-x86_64: Process 6305 attached [pid 6304] <... mmap resumed>) = 0x7f3feae00000 [pid 6303] close(4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(4, "", [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6305 [pid 6305] set_robust_list(0x555556d3f660, 24 [pid 6303] <... close resumed>) = 0 [pid 5080] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6303] mkdir("./file0", 0777 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6305] <... set_robust_list resumed>) = 0 [ 251.893425][ T6303] loop1: detected capacity change from 0 to 4096 [pid 6305] chdir("./239") = 0 [pid 6303] <... mkdir resumed>) = 0 [pid 5080] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6305] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, [pid 6303] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6305] <... prctl resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./239/binderfs", [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6305] setpgid(0, 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] unlink("./239/binderfs" [pid 5078] close(4 [pid 6305] <... setpgid resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] rmdir("./243/file0" [pid 6305] <... openat resumed>) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 6305] write(3, "1000", 4 [pid 5080] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6305] <... write resumed>) = 4 [pid 5080] <... umount2 resumed>) = 0 [pid 5078] getdents64(3, [pid 6305] close(3 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6305] <... close resumed>) = 0 [pid 5080] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(3 [pid 6305] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... close resumed>) = 0 [pid 6305] <... symlink resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./239/file0", [pid 5078] rmdir("./243" [pid 6305] memfd_create("syzkaller", 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] mkdir("./244", 0777 [pid 5080] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... mkdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./239/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... openat resumed>) = 4 [pid 5078] <... openat resumed>) = 3 [pid 6305] <... memfd_create resumed>) = 3 [pid 6305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6305] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./239/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [ 251.958270][ T6303] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] rmdir("./239") = 0 [pid 6303] <... mount resumed>) = 0 [pid 5080] mkdir("./240", 0777 [pid 6303] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... mkdir resumed>) = 0 [pid 6303] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6303] chdir("./file0" [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6303] <... chdir resumed>) = 0 [pid 6303] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6304] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6303] exit_group(0) = ? [pid 6303] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6303, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5077] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./241/binderfs") = 0 [pid 5077] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6305] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] close(3) = 0 [pid 5077] newfstatat(AT_FDCWD, "./241/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./241/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6306 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6304] <... write resumed>) = 2097152 [pid 5077] getdents64(4, ./strace-static-x86_64: Process 6306 attached [pid 6304] munmap(0x7f3feae00000, 138412032 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 6306] set_robust_list(0x555556d3f660, 24 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6304] <... munmap resumed>) = 0 [pid 6306] <... set_robust_list resumed>) = 0 [pid 5077] close(4) = 0 [pid 6306] chdir("./244" [pid 5077] rmdir("./241/file0") = 0 [pid 5077] getdents64(3, [pid 6306] <... chdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6306] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] close(3) = 0 [pid 6306] <... prctl resumed>) = 0 [pid 5077] rmdir("./241") = 0 [pid 6306] setpgid(0, 0 [pid 5077] mkdir("./242", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6306] <... setpgid resumed>) = 0 [pid 6304] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6305] <... write resumed>) = 2097152 [pid 6304] <... openat resumed>) = 4 [pid 6306] <... openat resumed>) = 3 [pid 6305] munmap(0x7f3feae00000, 138412032 [pid 6304] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... ioctl resumed>) = 0 [pid 6306] write(3, "1000", 4) = 4 [pid 5080] close(3 [pid 6306] close(3 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6306] <... close resumed>) = 0 [pid 6306] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6306] memfd_create("syzkaller", 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6307 ./strace-static-x86_64: Process 6307 attached [pid 6307] set_robust_list(0x555556d3f660, 24) = 0 [pid 6306] <... memfd_create resumed>) = 3 [pid 6307] chdir("./240" [pid 6306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6307] <... chdir resumed>) = 0 [pid 6304] <... ioctl resumed>) = 0 [pid 6307] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6305] <... munmap resumed>) = 0 [pid 6307] <... prctl resumed>) = 0 [pid 6307] setpgid(0, 0 [pid 6305] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 252.157089][ T6304] loop3: detected capacity change from 0 to 4096 [pid 6304] close(3 [pid 6307] <... setpgid resumed>) = 0 [pid 6305] <... openat resumed>) = 4 [pid 6304] <... close resumed>) = 0 [pid 6304] close(4 [pid 6307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6305] ioctl(4, LOOP_SET_FD, 3 [pid 6304] <... close resumed>) = 0 [pid 6304] mkdir("./file0", 0777 [pid 6307] <... openat resumed>) = 3 [pid 6305] <... ioctl resumed>) = 0 [pid 6304] <... mkdir resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6304] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6307] write(3, "1000", 4 [pid 6305] close(3 [pid 5077] close(3 [pid 6307] <... write resumed>) = 4 [pid 6305] <... close resumed>) = 0 [pid 6307] close(3 [pid 6305] close(4 [pid 6307] <... close resumed>) = 0 [pid 6305] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6305] mkdir("./file0", 0777 [pid 6307] symlink("/dev/binderfs", "./binderfs" [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6305] <... mkdir resumed>) = 0 [pid 6307] <... symlink resumed>) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6308 [pid 6307] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6308 attached [ 252.203554][ T6305] loop0: detected capacity change from 0 to 4096 [ 252.228119][ T6304] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6305] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6306] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6308] set_robust_list(0x555556d3f660, 24 [pid 6307] <... memfd_create resumed>) = 3 [pid 6308] <... set_robust_list resumed>) = 0 [pid 6307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6308] chdir("./242") = 0 [pid 6308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6308] setpgid(0, 0) = 0 [pid 6308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6308] write(3, "1000", 4) = 4 [pid 6305] <... mount resumed>) = 0 [pid 6308] close(3) = 0 [pid 6305] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6308] symlink("/dev/binderfs", "./binderfs" [ 252.254435][ T6305] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6305] chdir("./file0" [pid 6308] <... symlink resumed>) = 0 [pid 6305] <... chdir resumed>) = 0 [pid 6305] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6305] exit_group(0 [pid 6308] memfd_create("syzkaller", 0 [pid 6305] <... exit_group resumed>) = ? [pid 6305] +++ exited with 0 +++ [pid 6308] <... memfd_create resumed>) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6305, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 6308] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] <... restart_syscall resumed>) = 0 [pid 5076] umount2("./239", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6304] <... mount resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./239/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6304] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6304] <... openat resumed>) = 3 [pid 5076] unlink("./239/binderfs") = 0 [pid 6306] <... write resumed>) = 2097152 [pid 5076] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6304] chdir("./file0" [pid 6307] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6304] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 6306] munmap(0x7f3feae00000, 138412032 [pid 6304] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6304] exit_group(0) = ? [pid 6306] <... munmap resumed>) = 0 [pid 6304] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6304, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5076] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... restart_syscall resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./239/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./239/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./239/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 4 [pid 5079] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(4, "", [pid 6308] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] newfstatat(3, "", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6306] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5076] getdents64(4, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(3, [pid 5076] getdents64(4, [pid 6306] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6307] <... write resumed>) = 2097152 [pid 5079] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] close(4 [pid 6307] munmap(0x7f3feae00000, 138412032 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./239/file0") = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6307] <... munmap resumed>) = 0 [pid 5079] unlink("./241/binderfs" [pid 5076] close(3 [pid 5079] <... unlink resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./239") = 0 [pid 5076] mkdir("./240", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6306] <... ioctl resumed>) = 0 [pid 6308] <... write resumed>) = 2097152 [pid 6307] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 6308] munmap(0x7f3feae00000, 138412032 [pid 6307] <... openat resumed>) = 4 [pid 6306] close(3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6307] ioctl(4, LOOP_SET_FD, 3 [pid 6306] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 252.425589][ T6306] loop2: detected capacity change from 0 to 4096 [pid 5079] newfstatat(AT_FDCWD, "./241/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./241/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./241/file0" [pid 6308] <... munmap resumed>) = 0 [pid 6307] <... ioctl resumed>) = 0 [pid 6306] close(4 [pid 5079] <... rmdir resumed>) = 0 [pid 6308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6307] close(3 [pid 6306] <... close resumed>) = 0 [pid 5079] getdents64(3, [pid 6308] <... openat resumed>) = 4 [pid 6307] <... close resumed>) = 0 [pid 6306] mkdir("./file0", 0777 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6308] ioctl(4, LOOP_SET_FD, 3 [pid 6307] close(4 [pid 6306] <... mkdir resumed>) = 0 [pid 5079] close(3 [pid 6306] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./241" [pid 6307] <... close resumed>) = 0 [pid 6307] mkdir("./file0", 0777 [pid 5079] <... rmdir resumed>) = 0 [pid 6307] <... mkdir resumed>) = 0 [pid 5079] mkdir("./242", 0777 [pid 6307] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] <... mkdir resumed>) = 0 [ 252.467074][ T6307] loop4: detected capacity change from 0 to 4096 [ 252.479518][ T6308] loop1: detected capacity change from 0 to 4096 [pid 6308] <... ioctl resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6308] close(3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6308] <... close resumed>) = 0 [pid 6308] close(4) = 0 [pid 6308] mkdir("./file0", 0777) = 0 [pid 6308] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5076] <... ioctl resumed>) = 0 [pid 5076] close(3) = 0 [ 252.506467][ T6307] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 252.518564][ T6306] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 252.551658][ T6308] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6309 attached , child_tidptr=0x555556d3f650) = 6309 [pid 6309] set_robust_list(0x555556d3f660, 24) = 0 [pid 6309] chdir("./240") = 0 [pid 6309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6309] setpgid(0, 0) = 0 [pid 6309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6309] write(3, "1000", 4) = 4 [pid 6309] close(3) = 0 [pid 6309] symlink("/dev/binderfs", "./binderfs" [pid 6306] <... mount resumed>) = 0 [pid 6306] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6306] chdir("./file0") = 0 [pid 6306] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6306] exit_group(0 [pid 6309] <... symlink resumed>) = 0 [pid 6306] <... exit_group resumed>) = ? [pid 6309] memfd_create("syzkaller", 0 [pid 6306] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6306, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 6309] <... memfd_create resumed>) = 3 [pid 5078] <... restart_syscall resumed>) = 0 [pid 6309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... ioctl resumed>) = 0 [pid 5079] close(3) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 6310 attached [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6310 [pid 6310] set_robust_list(0x555556d3f660, 24) = 0 [pid 6310] chdir("./242" [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6310] <... chdir resumed>) = 0 [pid 5078] getdents64(3, [pid 6310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6310] setpgid(0, 0) = 0 [pid 5078] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./244/binderfs", [pid 6310] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./244/binderfs" [pid 6310] write(3, "1000", 4 [pid 6308] <... mount resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 6310] <... write resumed>) = 4 [pid 5078] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6310] close(3 [pid 6307] <... mount resumed>) = 0 [pid 6310] <... close resumed>) = 0 [pid 6308] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6310] symlink("/dev/binderfs", "./binderfs" [pid 6308] <... openat resumed>) = 3 [pid 6307] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... umount2 resumed>) = 0 [pid 6308] chdir("./file0" [pid 5078] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6308] <... chdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6310] <... symlink resumed>) = 0 [pid 6308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./244/file0", [pid 6308] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6308] exit_group(0 [pid 5078] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6308] <... exit_group resumed>) = ? [pid 6307] <... openat resumed>) = 3 [pid 5078] openat(AT_FDCWD, "./244/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6307] chdir("./file0" [pid 5078] <... openat resumed>) = 4 [pid 6310] memfd_create("syzkaller", 0 [pid 6308] +++ exited with 0 +++ [pid 6307] <... chdir resumed>) = 0 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6310] <... memfd_create resumed>) = 3 [pid 6307] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] getdents64(4, [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6308, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6307] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(4, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6310] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] close(4 [pid 5077] <... openat resumed>) = 3 [pid 6307] exit_group(0 [pid 5078] <... close resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 5078] rmdir("./244/file0" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6307] <... exit_group resumed>) = ? [pid 5078] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./242/binderfs", [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] close(3 [pid 5077] unlink("./242/binderfs" [pid 5078] <... close resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5077] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] rmdir("./244" [pid 6307] +++ exited with 0 +++ [pid 5077] <... umount2 resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6307, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5078] <... rmdir resumed>) = 0 [pid 5077] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6309] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./242/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./242/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", [pid 5080] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] mkdir("./245", 0777 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... mkdir resumed>) = 0 [pid 5077] getdents64(4, [pid 5080] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] <... openat resumed>) = 3 [pid 5077] getdents64(4, [pid 5080] newfstatat(3, "", [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] close(4 [pid 5080] getdents64(3, [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] rmdir("./242/file0" [pid 6310] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... rmdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, [pid 5080] newfstatat(AT_FDCWD, "./240/binderfs", [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] close(3 [pid 5080] unlink("./240/binderfs" [pid 5077] <... close resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5077] rmdir("./242" [pid 5080] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./243", 0777 [pid 5080] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... mkdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./240/file0", [pid 6309] <... write resumed>) = 2097152 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6309] munmap(0x7f3feae00000, 138412032) = 0 [pid 5080] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5080] openat(AT_FDCWD, "./240/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6309] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6310] <... write resumed>) = 2097152 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 6310] munmap(0x7f3feae00000, 138412032 [pid 6309] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 6310] <... munmap resumed>) = 0 [pid 6309] ioctl(4, LOOP_SET_FD, 3 [pid 6310] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6310] <... openat resumed>) = 4 [pid 5080] close(4) = 0 [pid 5080] rmdir("./240/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./240") = 0 [pid 6310] ioctl(4, LOOP_SET_FD, 3 [pid 5080] mkdir("./241", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6310] <... ioctl resumed>) = 0 [pid 6309] <... ioctl resumed>) = 0 [pid 6310] close(3 [pid 6309] close(3 [pid 6310] <... close resumed>) = 0 [pid 6309] <... close resumed>) = 0 [pid 6310] close(4 [pid 6309] close(4 [pid 6310] <... close resumed>) = 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6310] mkdir("./file0", 0777 [pid 6309] <... close resumed>) = 0 [pid 6309] mkdir("./file0", 0777 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6311 [pid 6309] <... mkdir resumed>) = 0 [ 252.848389][ T6309] loop0: detected capacity change from 0 to 4096 [ 252.860066][ T6310] loop3: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 6311 attached [pid 6310] <... mkdir resumed>) = 0 [pid 6309] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5077] <... ioctl resumed>) = 0 [pid 6311] set_robust_list(0x555556d3f660, 24) = 0 [pid 6311] chdir("./245") = 0 [pid 6311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6311] setpgid(0, 0) = 0 [pid 6311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6310] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6311] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6312 attached [pid 6312] set_robust_list(0x555556d3f660, 24) = 0 [pid 6311] write(3, "1000", 4) = 4 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6312 [pid 6312] chdir("./243" [pid 6311] close(3 [pid 6312] <... chdir resumed>) = 0 [pid 6312] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6311] <... close resumed>) = 0 [pid 6312] <... prctl resumed>) = 0 [pid 6312] setpgid(0, 0 [pid 6311] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... ioctl resumed>) = 0 [pid 6312] <... setpgid resumed>) = 0 [pid 6312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6311] <... symlink resumed>) = 0 [pid 6312] <... openat resumed>) = 3 [pid 6312] write(3, "1000", 4) = 4 [pid 6312] close(3 [pid 6311] memfd_create("syzkaller", 0 [pid 6309] <... mount resumed>) = 0 [pid 6312] <... close resumed>) = 0 [pid 6312] symlink("/dev/binderfs", "./binderfs" [pid 6309] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6312] <... symlink resumed>) = 0 [pid 6309] <... openat resumed>) = 3 [pid 6312] memfd_create("syzkaller", 0 [pid 6309] chdir("./file0") = 0 [pid 6309] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6312] <... memfd_create resumed>) = 3 [pid 6309] exit_group(0) = ? [pid 6312] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6311] <... memfd_create resumed>) = 3 [ 252.891198][ T6309] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 252.916253][ T6310] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6310] <... mount resumed>) = 0 [pid 6312] <... mmap resumed>) = 0x7f3feae00000 [pid 6311] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6310] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6309] +++ exited with 0 +++ [pid 5080] close(3 [pid 6311] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6309, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6310] <... openat resumed>) = 3 [pid 6310] chdir("./file0" [pid 5080] <... close resumed>) = 0 [pid 5076] umount2("./240", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6310] <... chdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6310] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", [pid 6310] exit_group(0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6310] <... exit_group resumed>) = ? [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./240/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./240/binderfs" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6313 [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6313 attached [pid 6310] +++ exited with 0 +++ [pid 5076] <... umount2 resumed>) = 0 [pid 6313] set_robust_list(0x555556d3f660, 24 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6310, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6313] <... set_robust_list resumed>) = 0 [pid 6313] chdir("./241") = 0 [pid 5076] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./240/file0", [pid 6313] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... openat resumed>) = 3 [pid 6313] <... prctl resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6313] setpgid(0, 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./240/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6313] <... setpgid resumed>) = 0 [pid 5079] getdents64(3, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6313] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./240/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6313] write(3, "1000", 4 [pid 5079] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6313] <... write resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 4 [pid 6313] close(3 [pid 5079] newfstatat(AT_FDCWD, "./242/binderfs", [pid 6313] <... close resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 6313] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6313] <... symlink resumed>) = 0 [pid 5079] unlink("./242/binderfs" [pid 5076] getdents64(4, [pid 6313] memfd_create("syzkaller", 0 [pid 5079] <... unlink resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./240/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5079] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] rmdir("./240" [pid 6313] <... memfd_create resumed>) = 3 [pid 5076] <... rmdir resumed>) = 0 [pid 6313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] mkdir("./241", 0777) = 0 [pid 6313] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6312] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6311] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... umount2 resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5079] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./242/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./242/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 6313] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] rmdir("./242/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./242") = 0 [pid 5079] mkdir("./243", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6312] <... write resumed>) = 2097152 [pid 6311] <... write resumed>) = 2097152 [pid 5076] <... ioctl resumed>) = 0 [pid 6311] munmap(0x7f3feae00000, 138412032 [pid 6312] munmap(0x7f3feae00000, 138412032 [pid 5076] close(3) = 0 [pid 6312] <... munmap resumed>) = 0 [pid 6311] <... munmap resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6311] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6311] ioctl(4, LOOP_SET_FD, 3 [pid 6312] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6314 [pid 6312] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6314 attached [pid 6313] <... write resumed>) = 2097152 [pid 6311] <... ioctl resumed>) = 0 [pid 6314] set_robust_list(0x555556d3f660, 24 [pid 6313] munmap(0x7f3feae00000, 138412032 [pid 6314] <... set_robust_list resumed>) = 0 [pid 6311] close(3 [pid 6314] chdir("./241" [pid 6311] <... close resumed>) = 0 [pid 6311] close(4 [pid 6314] <... chdir resumed>) = 0 [pid 6313] <... munmap resumed>) = 0 [pid 6312] <... ioctl resumed>) = 0 [pid 6311] <... close resumed>) = 0 [pid 6314] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6311] mkdir("./file0", 0777 [pid 6313] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6312] close(3 [pid 6314] <... prctl resumed>) = 0 [pid 6313] <... openat resumed>) = 4 [pid 6312] <... close resumed>) = 0 [pid 6311] <... mkdir resumed>) = 0 [pid 6312] close(4) = 0 [pid 6314] setpgid(0, 0 [ 253.181045][ T6311] loop2: detected capacity change from 0 to 4096 [ 253.184998][ T6312] loop1: detected capacity change from 0 to 4096 [ 253.220800][ T6313] loop4: detected capacity change from 0 to 4096 [pid 6313] ioctl(4, LOOP_SET_FD, 3 [pid 6312] mkdir("./file0", 0777 [pid 6314] <... setpgid resumed>) = 0 [pid 6311] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6313] <... ioctl resumed>) = 0 [pid 6312] <... mkdir resumed>) = 0 [pid 6314] <... openat resumed>) = 3 [pid 6313] close(3 [pid 6312] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5079] <... ioctl resumed>) = 0 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6314] write(3, "1000", 4 [pid 6313] <... close resumed>) = 0 [pid 6314] <... write resumed>) = 4 [pid 6313] close(4 [pid 6314] close(3 [pid 6313] <... close resumed>) = 0 [pid 6314] <... close resumed>) = 0 [pid 6313] mkdir("./file0", 0777 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6315 [pid 6313] <... mkdir resumed>) = 0 [pid 6314] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 6315 attached [pid 6313] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 253.231080][ T6311] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 253.247272][ T6312] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6314] memfd_create("syzkaller", 0 [pid 6315] set_robust_list(0x555556d3f660, 24 [pid 6314] <... memfd_create resumed>) = 3 [pid 6315] <... set_robust_list resumed>) = 0 [pid 6314] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6315] chdir("./243") = 0 [pid 6315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6315] setpgid(0, 0) = 0 [pid 6315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6314] <... mmap resumed>) = 0x7f3feae00000 [pid 6315] write(3, "1000", 4) = 4 [pid 6315] close(3) = 0 [pid 6315] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6315] memfd_create("syzkaller", 0 [pid 6311] <... mount resumed>) = 0 [pid 6311] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6315] <... memfd_create resumed>) = 3 [pid 6311] <... openat resumed>) = 3 [pid 6315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 253.272264][ T6313] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6311] chdir("./file0" [pid 6315] <... mmap resumed>) = 0x7f3feae00000 [pid 6311] <... chdir resumed>) = 0 [pid 6311] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6311] exit_group(0) = ? [pid 6311] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6311, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6312] <... mount resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6312] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] newfstatat(AT_FDCWD, "./245/binderfs", [pid 6312] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6312] chdir("./file0" [pid 5078] unlink("./245/binderfs" [pid 6312] <... chdir resumed>) = 0 [pid 6312] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6312] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6312] exit_group(0) = ? [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./245/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./245/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 6312] +++ exited with 0 +++ [pid 5078] <... close resumed>) = 0 [pid 6314] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] rmdir("./245/file0" [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6312, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5078] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./245") = 0 [pid 5077] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./243/binderfs", [pid 5078] mkdir("./246", 0777 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] unlink("./243/binderfs") = 0 [pid 5077] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... umount2 resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6315] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6313] <... mount resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./243/file0", [pid 6313] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6314] <... write resumed>) = 2097152 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6313] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6314] munmap(0x7f3feae00000, 138412032 [pid 6313] chdir("./file0" [pid 5077] openat(AT_FDCWD, "./243/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6314] <... munmap resumed>) = 0 [pid 6313] <... chdir resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6315] <... write resumed>) = 2097152 [pid 5077] getdents64(4, [pid 6315] munmap(0x7f3feae00000, 138412032 [pid 6314] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6313] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6315] <... munmap resumed>) = 0 [pid 6314] <... openat resumed>) = 4 [pid 6313] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./243/file0") = 0 [pid 6314] ioctl(4, LOOP_SET_FD, 3 [pid 6313] exit_group(0 [pid 5078] <... ioctl resumed>) = 0 [pid 6313] <... exit_group resumed>) = ? [pid 6313] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6313, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5077] getdents64(3, [pid 6315] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6315] <... openat resumed>) = 4 [pid 5077] close(3) = 0 [pid 5077] rmdir("./243") = 0 [pid 5077] mkdir("./244", 0777 [pid 5080] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... mkdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6315] ioctl(4, LOOP_SET_FD, 3 [pid 5080] newfstatat(3, "", [ 253.480291][ T6314] loop0: detected capacity change from 0 to 4096 [ 253.500932][ T6315] loop3: detected capacity change from 0 to 4096 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] close(3 [pid 5077] <... openat resumed>) = 3 [pid 6314] <... ioctl resumed>) = 0 [pid 6314] close(3 [pid 5078] <... close resumed>) = 0 [pid 6314] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6314] close(4) = 0 [pid 6314] mkdir("./file0", 0777) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6314] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6316 ./strace-static-x86_64: Process 6316 attached [pid 6316] set_robust_list(0x555556d3f660, 24 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6316] <... set_robust_list resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./241/binderfs", [pid 6316] chdir("./246" [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./241/binderfs") = 0 [pid 6316] <... chdir resumed>) = 0 [pid 5080] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6316] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6315] <... ioctl resumed>) = 0 [pid 6316] <... prctl resumed>) = 0 [pid 6316] setpgid(0, 0 [pid 5080] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6316] <... setpgid resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] newfstatat(AT_FDCWD, "./241/file0", [pid 6315] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6316] <... openat resumed>) = 3 [pid 6315] <... close resumed>) = 0 [pid 5080] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6316] write(3, "1000", 4 [pid 6315] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6316] <... write resumed>) = 4 [pid 6315] <... close resumed>) = 0 [ 253.527132][ T6314] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5080] openat(AT_FDCWD, "./241/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6316] close(3 [pid 6315] mkdir("./file0", 0777 [pid 5080] <... openat resumed>) = 4 [pid 6315] <... mkdir resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 6315] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6316] <... close resumed>) = 0 [pid 5080] getdents64(4, [pid 6316] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6316] <... symlink resumed>) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./241/file0" [pid 6316] memfd_create("syzkaller", 0 [pid 6314] <... mount resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./241" [pid 6316] <... memfd_create resumed>) = 3 [pid 6314] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... rmdir resumed>) = 0 [pid 6316] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6314] <... openat resumed>) = 3 [pid 6316] <... mmap resumed>) = 0x7f3feae00000 [pid 6314] chdir("./file0") = 0 [pid 6314] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6314] exit_group(0 [pid 5080] mkdir("./242", 0777 [pid 6314] <... exit_group resumed>) = ? [pid 5080] <... mkdir resumed>) = 0 [pid 6314] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6314, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] umount2("./241", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./241/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 253.574852][ T6315] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5076] unlink("./241/binderfs") = 0 [pid 5076] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5076] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./241/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./241/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] openat(AT_FDCWD, "./241/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, ./strace-static-x86_64: Process 6317 attached [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6317 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6317] set_robust_list(0x555556d3f660, 24 [pid 5076] close(4 [pid 6317] <... set_robust_list resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./241/file0") = 0 [pid 6317] chdir("./244") = 0 [pid 5076] getdents64(3, [pid 6317] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6317] <... prctl resumed>) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./241") = 0 [pid 6317] setpgid(0, 0) = 0 [pid 6317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] mkdir("./242", 0777 [pid 6317] <... openat resumed>) = 3 [pid 6317] write(3, "1000", 4 [pid 5076] <... mkdir resumed>) = 0 [pid 6317] <... write resumed>) = 4 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6317] close(3 [pid 5076] <... openat resumed>) = 3 [pid 6317] <... close resumed>) = 0 [pid 6317] symlink("/dev/binderfs", "./binderfs" [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6317] <... symlink resumed>) = 0 [pid 6317] memfd_create("syzkaller", 0) = 3 [pid 6317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6316] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6315] <... mount resumed>) = 0 [pid 6315] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] <... ioctl resumed>) = 0 [pid 6315] chdir("./file0") = 0 [pid 6315] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6315] exit_group(0) = ? [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6315] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6315, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5079] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 6318 attached [pid 6316] <... write resumed>) = 2097152 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./243/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6318 [pid 5079] unlink("./243/binderfs") = 0 [pid 6318] set_robust_list(0x555556d3f660, 24) = 0 [pid 6318] chdir("./242" [pid 5076] <... ioctl resumed>) = 0 [pid 5079] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6318] <... chdir resumed>) = 0 [pid 6318] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6317] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6318] <... prctl resumed>) = 0 [pid 6318] setpgid(0, 0 [pid 6316] munmap(0x7f3feae00000, 138412032 [pid 5079] <... umount2 resumed>) = 0 [pid 6318] <... setpgid resumed>) = 0 [pid 5079] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./243/file0", [pid 6318] <... openat resumed>) = 3 [pid 6318] write(3, "1000", 4) = 4 [pid 6318] close(3) = 0 [pid 6318] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6318] memfd_create("syzkaller", 0 [pid 6316] <... munmap resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] close(3 [pid 6318] <... memfd_create resumed>) = 3 [pid 6318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6316] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 6316] <... openat resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6316] ioctl(4, LOOP_SET_FD, 3 [pid 5079] openat(AT_FDCWD, "./243/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6319 attached ) = 4 [pid 5079] newfstatat(4, "", [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6319 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./243/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./243" [pid 6319] set_robust_list(0x555556d3f660, 24 [pid 5079] <... rmdir resumed>) = 0 [pid 6319] <... set_robust_list resumed>) = 0 [pid 6319] chdir("./242") = 0 [pid 5079] mkdir("./244", 0777 [pid 6319] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... mkdir resumed>) = 0 [pid 6319] <... prctl resumed>) = 0 [pid 6319] setpgid(0, 0 [pid 6316] <... ioctl resumed>) = 0 [pid 6319] <... setpgid resumed>) = 0 [pid 6316] close(3 [pid 6319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6316] <... close resumed>) = 0 [pid 6316] close(4 [pid 6319] <... openat resumed>) = 3 [pid 6316] <... close resumed>) = 0 [pid 6319] write(3, "1000", 4 [pid 6318] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6317] <... write resumed>) = 2097152 [pid 6316] mkdir("./file0", 0777 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6319] <... write resumed>) = 4 [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6319] close(3 [pid 6316] <... mkdir resumed>) = 0 [ 253.853430][ T6316] loop2: detected capacity change from 0 to 4096 [pid 6316] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6319] <... close resumed>) = 0 [pid 6319] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6317] munmap(0x7f3feae00000, 138412032) = 0 [pid 6319] memfd_create("syzkaller", 0 [pid 6317] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6317] ioctl(4, LOOP_SET_FD, 3 [pid 6319] <... memfd_create resumed>) = 3 [pid 6319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6317] <... ioctl resumed>) = 0 [pid 6317] close(3) = 0 [pid 6317] close(4) = 0 [pid 6317] mkdir("./file0", 0777) = 0 [ 253.902815][ T6316] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 253.920328][ T6317] loop1: detected capacity change from 0 to 4096 [pid 6317] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6318] <... write resumed>) = 2097152 [pid 5079] <... ioctl resumed>) = 0 [pid 6318] munmap(0x7f3feae00000, 138412032) = 0 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6320 ./strace-static-x86_64: Process 6320 attached [pid 6320] set_robust_list(0x555556d3f660, 24 [pid 6318] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6320] <... set_robust_list resumed>) = 0 [pid 6318] <... openat resumed>) = 4 [pid 6320] chdir("./244") = 0 [ 253.969280][ T6317] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6318] ioctl(4, LOOP_SET_FD, 3 [pid 6320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6320] setpgid(0, 0) = 0 [pid 6320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6320] write(3, "1000", 4) = 4 [pid 6320] close(3) = 0 [pid 6320] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6320] memfd_create("syzkaller", 0 [pid 6319] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6316] <... mount resumed>) = 0 [pid 6316] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6320] <... memfd_create resumed>) = 3 [pid 6320] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6318] <... ioctl resumed>) = 0 [pid 6317] <... mount resumed>) = 0 [pid 6316] <... openat resumed>) = 3 [pid 6316] chdir("./file0" [pid 6317] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6316] <... chdir resumed>) = 0 [pid 6317] chdir("./file0" [pid 6318] close(3 [pid 6317] <... chdir resumed>) = 0 [ 254.023311][ T6318] loop4: detected capacity change from 0 to 4096 [pid 6318] <... close resumed>) = 0 [pid 6317] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6316] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6318] close(4 [pid 6317] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6317] exit_group(0) = ? [pid 6317] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6317, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6318] <... close resumed>) = 0 [pid 6316] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6318] mkdir("./file0", 0777 [pid 5077] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6316] exit_group(0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", [pid 6318] <... mkdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 6318] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6316] <... exit_group resumed>) = ? [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6316] +++ exited with 0 +++ [pid 5077] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6320] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./244/binderfs" [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6316, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5077] <... unlink resumed>) = 0 [pid 5077] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./244/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./244/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] newfstatat(4, "", [pid 5078] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(3, "", [pid 5077] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(3, [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... close resumed>) = 0 [pid 5078] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./246/binderfs" [pid 6319] <... write resumed>) = 2097152 [pid 5077] rmdir("./244/file0" [pid 5078] <... unlink resumed>) = 0 [ 254.118295][ T6318] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5078] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... rmdir resumed>) = 0 [pid 6320] <... write resumed>) = 2097152 [pid 6319] munmap(0x7f3feae00000, 138412032 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6320] munmap(0x7f3feae00000, 138412032 [pid 6319] <... munmap resumed>) = 0 [pid 6318] <... mount resumed>) = 0 [pid 5078] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] close(3 [pid 6318] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... close resumed>) = 0 [pid 6318] <... openat resumed>) = 3 [pid 5077] rmdir("./244" [pid 6318] chdir("./file0" [pid 5077] <... rmdir resumed>) = 0 [pid 6319] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6318] <... chdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] mkdir("./245", 0777 [pid 6319] <... openat resumed>) = 4 [pid 6318] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./246/file0", [pid 5077] <... mkdir resumed>) = 0 [pid 6319] ioctl(4, LOOP_SET_FD, 3 [pid 6318] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6318] exit_group(0) = ? [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6320] <... munmap resumed>) = 0 [pid 6319] <... ioctl resumed>) = 0 [pid 6318] +++ exited with 0 +++ [pid 5078] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6319] close(3 [pid 6320] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6318, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6320] <... openat resumed>) = 4 [pid 5078] openat(AT_FDCWD, "./246/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6320] ioctl(4, LOOP_SET_FD, 3 [pid 6319] <... close resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5078] newfstatat(4, "", [pid 6319] close(4) = 0 [pid 6319] mkdir("./file0", 0777 [pid 6320] <... ioctl resumed>) = 0 [pid 6319] <... mkdir resumed>) = 0 [pid 5080] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6320] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, [pid 5080] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6320] <... close resumed>) = 0 [pid 6319] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [ 254.205782][ T6319] loop0: detected capacity change from 0 to 4096 [ 254.223278][ T6320] loop3: detected capacity change from 0 to 4096 [pid 5080] <... openat resumed>) = 3 [pid 5078] getdents64(4, [pid 6320] close(4 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6320] <... close resumed>) = 0 [pid 5078] close(4 [pid 6320] mkdir("./file0", 0777 [pid 5080] newfstatat(3, "", [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./246/file0" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6320] <... mkdir resumed>) = 0 [pid 5080] getdents64(3, [pid 5078] <... rmdir resumed>) = 0 [pid 6320] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./246" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... ioctl resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./242/binderfs", [pid 5078] <... rmdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] mkdir("./247", 0777 [pid 5077] close(3 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5080] unlink("./242/binderfs" [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5080] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6321 attached [pid 5080] <... umount2 resumed>) = 0 [pid 6321] set_robust_list(0x555556d3f660, 24 [pid 5080] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6321 [pid 6321] <... set_robust_list resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6321] chdir("./245" [pid 5080] newfstatat(AT_FDCWD, "./242/file0", [pid 6321] <... chdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6321] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6321] <... prctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 254.247893][ T6319] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 254.277228][ T6320] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6321] setpgid(0, 0 [pid 5080] openat(AT_FDCWD, "./242/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6321] <... setpgid resumed>) = 0 [pid 6321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... openat resumed>) = 4 [pid 6321] <... openat resumed>) = 3 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 6321] write(3, "1000", 4 [pid 6319] <... mount resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6321] <... write resumed>) = 4 [pid 6321] close(3 [pid 5080] getdents64(4, [pid 6321] <... close resumed>) = 0 [pid 6319] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 6321] symlink("/dev/binderfs", "./binderfs" [pid 6319] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 6321] <... symlink resumed>) = 0 [pid 6319] chdir("./file0" [pid 5080] rmdir("./242/file0" [pid 6319] <... chdir resumed>) = 0 [pid 6321] memfd_create("syzkaller", 0 [pid 6319] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... rmdir resumed>) = 0 [pid 6319] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6319] exit_group(0) = ? [pid 6319] +++ exited with 0 +++ [pid 6321] <... memfd_create resumed>) = 3 [pid 6321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6319, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5080] getdents64(3, [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 6321] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [pid 5080] close(3 [pid 5076] umount2("./242", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] rmdir("./242" [pid 5076] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6320] <... mount resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6320] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6320] <... openat resumed>) = 3 [pid 5080] mkdir("./243", 0777 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6320] chdir("./file0" [pid 5078] close(3 [pid 5076] umount2("./242/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] newfstatat(AT_FDCWD, "./242/binderfs", [pid 6320] <... chdir resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6322 attached [pid 6320] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6322 [pid 5076] unlink("./242/binderfs" [pid 6322] set_robust_list(0x555556d3f660, 24) = 0 [pid 6322] chdir("./247") = 0 [pid 6322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6322] setpgid(0, 0) = 0 [pid 6322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... unlink resumed>) = 0 [pid 6322] <... openat resumed>) = 3 [pid 6320] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... openat resumed>) = 3 [pid 5076] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6322] write(3, "1000", 4 [pid 6320] exit_group(0 [pid 6322] <... write resumed>) = 4 [pid 6320] <... exit_group resumed>) = ? [pid 5076] <... umount2 resumed>) = 0 [pid 6322] close(3) = 0 [pid 6322] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6320] +++ exited with 0 +++ [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6320, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5076] newfstatat(AT_FDCWD, "./242/file0", [pid 6322] memfd_create("syzkaller", 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./242/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./242/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] <... openat resumed>) = 4 [pid 5079] newfstatat(3, "", [pid 6322] <... memfd_create resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(4, "", [pid 6322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5076] getdents64(4, [pid 6322] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5079] newfstatat(AT_FDCWD, "./244/binderfs", [pid 5076] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] rmdir("./242/file0" [pid 5079] unlink("./244/binderfs") = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5079] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./242" [pid 6321] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./243", 0777 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... mkdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] newfstatat(AT_FDCWD, "./244/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./244/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6322] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6321] <... write resumed>) = 2097152 [pid 6321] munmap(0x7f3feae00000, 138412032 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] close(4 [pid 5080] close(3 [pid 5079] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] rmdir("./244/file0" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... rmdir resumed>) = 0 [pid 6321] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6323 attached [pid 5079] getdents64(3, [pid 6323] set_robust_list(0x555556d3f660, 24) = 0 [pid 6323] chdir("./243") = 0 [pid 6323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6323] setpgid(0, 0) = 0 [pid 6323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6323] write(3, "1000", 4) = 4 [pid 6323] close(3) = 0 [pid 6323] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6323] memfd_create("syzkaller", 0 [pid 6321] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6323 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6321] <... openat resumed>) = 4 [pid 5079] close(3 [pid 6323] <... memfd_create resumed>) = 3 [pid 6321] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... close resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] rmdir("./244" [pid 6323] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./245", 0777 [pid 5076] close(3) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6324 attached [pid 6321] <... ioctl resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6324] set_robust_list(0x555556d3f660, 24 [pid 6321] close(3 [pid 6324] <... set_robust_list resumed>) = 0 [pid 6321] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6324 [pid 6324] chdir("./243" [pid 6321] close(4 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6321] <... close resumed>) = 0 [pid 6324] <... chdir resumed>) = 0 [pid 6321] mkdir("./file0", 0777 [pid 6324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6324] setpgid(0, 0 [pid 6321] <... mkdir resumed>) = 0 [pid 6324] <... setpgid resumed>) = 0 [pid 6321] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 254.567745][ T6321] loop1: detected capacity change from 0 to 4096 [pid 6322] <... write resumed>) = 2097152 [pid 6324] write(3, "1000", 4 [pid 6323] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6324] <... write resumed>) = 4 [pid 6324] close(3 [pid 6322] munmap(0x7f3feae00000, 138412032 [pid 6324] <... close resumed>) = 0 [pid 6322] <... munmap resumed>) = 0 [pid 6324] symlink("/dev/binderfs", "./binderfs") = 0 [ 254.616078][ T6321] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6322] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6324] memfd_create("syzkaller", 0 [pid 6322] <... openat resumed>) = 4 [pid 6322] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6324] <... memfd_create resumed>) = 3 [pid 6324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6322] close(3) = 0 [pid 6322] close(4 [pid 6323] <... write resumed>) = 2097152 [pid 6322] <... close resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [ 254.671124][ T6322] loop2: detected capacity change from 0 to 4096 [pid 6322] mkdir("./file0", 0777) = 0 [pid 6322] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] close(3) = 0 [pid 6323] munmap(0x7f3feae00000, 138412032 [pid 6321] <... mount resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6325 ./strace-static-x86_64: Process 6325 attached [pid 6321] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6321] chdir("./file0" [pid 6325] set_robust_list(0x555556d3f660, 24 [pid 6321] <... chdir resumed>) = 0 [pid 6321] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6325] <... set_robust_list resumed>) = 0 [pid 6325] chdir("./245" [pid 6321] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6325] <... chdir resumed>) = 0 [pid 6323] <... munmap resumed>) = 0 [pid 6325] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6321] exit_group(0 [pid 6325] <... prctl resumed>) = 0 [pid 6321] <... exit_group resumed>) = ? [pid 6325] setpgid(0, 0) = 0 [pid 6323] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6321] +++ exited with 0 +++ [pid 6325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6324] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6323] <... openat resumed>) = 4 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6321, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 6323] ioctl(4, LOOP_SET_FD, 3 [pid 5077] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6325] <... openat resumed>) = 3 [pid 5077] unlink("./245/binderfs" [pid 6325] write(3, "1000", 4 [pid 5077] <... unlink resumed>) = 0 [pid 6325] <... write resumed>) = 4 [pid 5077] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6325] close(3) = 0 [pid 6323] <... ioctl resumed>) = 0 [pid 6325] symlink("/dev/binderfs", "./binderfs" [pid 6323] close(3 [pid 5077] <... umount2 resumed>) = 0 [pid 6325] <... symlink resumed>) = 0 [pid 6323] <... close resumed>) = 0 [pid 6323] close(4 [pid 6325] memfd_create("syzkaller", 0 [pid 6323] <... close resumed>) = 0 [pid 6323] mkdir("./file0", 0777) = 0 [pid 5077] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6325] <... memfd_create resumed>) = 3 [pid 6323] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 254.741202][ T6322] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 254.773144][ T6323] loop4: detected capacity change from 0 to 4096 [pid 5077] newfstatat(AT_FDCWD, "./245/file0", [pid 6325] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./245/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./245/file0") = 0 [pid 5077] getdents64(3, [pid 6324] <... write resumed>) = 2097152 [pid 6324] munmap(0x7f3feae00000, 138412032 [pid 6322] <... mount resumed>) = 0 [pid 6322] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6322] chdir("./file0") = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6322] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] close(3 [pid 6322] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... close resumed>) = 0 [pid 6324] <... munmap resumed>) = 0 [pid 6322] exit_group(0 [pid 5077] rmdir("./245" [pid 6324] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5077] <... rmdir resumed>) = 0 [ 254.822724][ T6323] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6324] ioctl(4, LOOP_SET_FD, 3 [pid 6322] <... exit_group resumed>) = ? [pid 5077] mkdir("./246", 0777 [pid 6322] +++ exited with 0 +++ [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6322, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6325] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6324] <... ioctl resumed>) = 0 [pid 5078] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6323] <... mount resumed>) = 0 [pid 6324] close(3 [pid 6323] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6324] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6324] close(4 [pid 6323] <... openat resumed>) = 3 [pid 6324] <... close resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6323] chdir("./file0" [pid 6324] mkdir("./file0", 0777) = 0 [pid 6323] <... chdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 6324] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [ 254.883720][ T6324] loop0: detected capacity change from 0 to 4096 [pid 6323] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6323] exit_group(0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./247/binderfs" [pid 6323] <... exit_group resumed>) = ? [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5078] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./247/file0", [pid 6323] +++ exited with 0 +++ [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6323, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5078] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... restart_syscall resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./247/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", [pid 5080] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6324] <... mount resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5078] getdents64(4, [pid 5077] close(3) = 0 [pid 6324] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6324] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", [pid 5078] getdents64(4, [pid 6324] chdir("./file0") = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6326 [pid 5078] close(4./strace-static-x86_64: Process 6326 attached [pid 6324] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] getdents64(3, [pid 5078] <... close resumed>) = 0 [pid 6326] set_robust_list(0x555556d3f660, 24) = 0 [pid 6326] chdir("./246" [pid 6324] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] rmdir("./247/file0" [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [ 254.932404][ T6324] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5078] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./247") = 0 [pid 5078] mkdir("./248", 0777 [pid 6326] <... chdir resumed>) = 0 [pid 6325] <... write resumed>) = 2097152 [pid 6324] exit_group(0 [pid 5080] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6326] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6324] <... exit_group resumed>) = ? [pid 6324] +++ exited with 0 +++ [pid 5078] <... mkdir resumed>) = 0 [pid 6326] <... prctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6324, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 6326] setpgid(0, 0) = 0 [pid 5080] newfstatat(AT_FDCWD, "./243/binderfs", [pid 6326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./243/binderfs" [pid 6326] <... openat resumed>) = 3 [pid 5080] <... unlink resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6326] write(3, "1000", 4 [pid 5080] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 3 [pid 5076] umount2("./243", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6326] <... write resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6326] close(3 [pid 5076] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6326] <... close resumed>) = 0 [pid 6326] symlink("/dev/binderfs", "./binderfs" [pid 6325] munmap(0x7f3feae00000, 138412032 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... openat resumed>) = 3 [pid 6326] <... symlink resumed>) = 0 [pid 6325] <... munmap resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6325] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6326] memfd_create("syzkaller", 0 [pid 5080] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 6326] <... memfd_create resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6325] <... openat resumed>) = 4 [pid 6326] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] newfstatat(AT_FDCWD, "./243/file0", [pid 5076] umount2("./243/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6326] <... mmap resumed>) = 0x7f3feae00000 [pid 6325] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./243/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] unlink("./243/binderfs" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... unlink resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./243/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 5076] <... umount2 resumed>) = 0 [pid 6325] <... ioctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6325] close(3 [pid 5076] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6325] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./243/file0", [pid 5080] getdents64(4, [pid 6325] close(4 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6325] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5076] umount2("./243/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./243/file0") = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./243/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] newfstatat(4, "", [pid 5080] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./243" [pid 5076] getdents64(4, [pid 6325] mkdir("./file0", 0777 [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 6325] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5080] mkdir("./244", 0777 [pid 5076] <... close resumed>) = 0 [pid 6325] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... mkdir resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [ 255.053747][ T6325] loop3: detected capacity change from 0 to 4096 [pid 5076] rmdir("./243/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] rmdir("./243") = 0 [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] mkdir("./244", 0777) = 0 [pid 5078] close(3 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] <... close resumed>) = 0 [pid 6326] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6327 ./strace-static-x86_64: Process 6327 attached [pid 6327] set_robust_list(0x555556d3f660, 24) = 0 [pid 6327] chdir("./248") = 0 [pid 6327] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6327] setpgid(0, 0) = 0 [pid 6327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 255.102510][ T6325] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6327] write(3, "1000", 4) = 4 [pid 6327] close(3) = 0 [pid 6327] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6327] memfd_create("syzkaller", 0) = 3 [pid 6327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6326] <... write resumed>) = 2097152 [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6326] munmap(0x7f3feae00000, 138412032./strace-static-x86_64: Process 6328 attached ) = 0 [pid 6328] set_robust_list(0x555556d3f660, 24 [pid 5076] <... ioctl resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6328 [pid 6328] <... set_robust_list resumed>) = 0 [pid 6328] chdir("./244" [pid 6326] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] close(3 [pid 6328] <... chdir resumed>) = 0 [pid 6328] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6326] <... openat resumed>) = 4 [pid 5076] <... close resumed>) = 0 [pid 6328] <... prctl resumed>) = 0 [pid 6328] setpgid(0, 0 [pid 6326] ioctl(4, LOOP_SET_FD, 3 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6328] <... setpgid resumed>) = 0 [pid 6328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6325] <... mount resumed>) = 0 [pid 6328] write(3, "1000", 4 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6329 [pid 6328] <... write resumed>) = 4 [pid 6328] close(3) = 0 [pid 6328] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 6329 attached ) = 0 [pid 6329] set_robust_list(0x555556d3f660, 24) = 0 [pid 6325] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6325] chdir("./file0") = 0 [pid 6325] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6329] chdir("./244" [pid 6325] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6329] <... chdir resumed>) = 0 [pid 6328] memfd_create("syzkaller", 0 [pid 6325] exit_group(0 [pid 6326] <... ioctl resumed>) = 0 [pid 6329] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6328] <... memfd_create resumed>) = 3 [pid 6326] close(3 [pid 6325] <... exit_group resumed>) = ? [pid 6329] <... prctl resumed>) = 0 [pid 6326] <... close resumed>) = 0 [pid 6328] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6326] close(4 [pid 6329] setpgid(0, 0 [pid 6328] <... mmap resumed>) = 0x7f3feae00000 [pid 6326] <... close resumed>) = 0 [pid 6329] <... setpgid resumed>) = 0 [pid 6326] mkdir("./file0", 0777) = 0 [pid 6326] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6325] +++ exited with 0 +++ [ 255.255984][ T6326] loop1: detected capacity change from 0 to 4096 [pid 6329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6327] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6325, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6329] <... openat resumed>) = 3 [pid 5079] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6329] write(3, "1000", 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6329] <... write resumed>) = 4 [pid 5079] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6329] close(3 [pid 5079] <... openat resumed>) = 3 [pid 6329] <... close resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 6329] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6329] memfd_create("syzkaller", 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6329] <... memfd_create resumed>) = 3 [pid 5079] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6329] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] newfstatat(AT_FDCWD, "./245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./245/binderfs") = 0 [pid 5079] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [ 255.300863][ T6326] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5079] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./245/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6326] <... mount resumed>) = 0 [pid 6326] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6326] <... openat resumed>) = 3 [pid 6326] chdir("./file0" [pid 5079] openat(AT_FDCWD, "./245/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6326] <... chdir resumed>) = 0 [pid 6326] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... openat resumed>) = 4 [pid 6326] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] newfstatat(4, "", [pid 6326] exit_group(0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6326] <... exit_group resumed>) = ? [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 6327] <... write resumed>) = 2097152 [pid 6326] +++ exited with 0 +++ [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./245/file0" [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6326, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./245" [pid 5077] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", [pid 5079] <... rmdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] mkdir("./246", 0777 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... mkdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6327] munmap(0x7f3feae00000, 138412032 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] newfstatat(AT_FDCWD, "./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./246/binderfs") = 0 [pid 5077] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6328] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... umount2 resumed>) = 0 [pid 6327] <... munmap resumed>) = 0 [pid 6329] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./246/file0", [pid 6327] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6327] <... openat resumed>) = 4 [pid 5077] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6327] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./246/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6328] <... write resumed>) = 2097152 [pid 6327] <... ioctl resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./246/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./246" [pid 6327] close(3 [pid 5077] <... rmdir resumed>) = 0 [pid 6327] <... close resumed>) = 0 [pid 6327] close(4 [pid 5077] mkdir("./247", 0777 [pid 6327] <... close resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 6327] mkdir("./file0", 0777 [pid 6328] munmap(0x7f3feae00000, 138412032 [pid 6327] <... mkdir resumed>) = 0 [pid 6328] <... munmap resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6327] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5077] <... openat resumed>) = 3 [ 255.438971][ T6327] loop2: detected capacity change from 0 to 4096 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6329] <... write resumed>) = 2097152 [pid 6328] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6328] ioctl(4, LOOP_SET_FD, 3 [pid 6329] munmap(0x7f3feae00000, 138412032 [pid 5079] <... ioctl resumed>) = 0 [pid 6328] <... ioctl resumed>) = 0 [pid 6328] close(3 [pid 5079] close(3 [pid 6328] <... close resumed>) = 0 [pid 6328] close(4) = 0 [pid 6328] mkdir("./file0", 0777) = 0 [pid 6328] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] <... close resumed>) = 0 [ 255.479098][ T6327] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 255.503250][ T6328] loop4: detected capacity change from 0 to 4096 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6329] <... munmap resumed>) = 0 [pid 6329] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6327] <... mount resumed>) = 0 [pid 6329] <... openat resumed>) = 4 [pid 6327] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6329] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6330 ./strace-static-x86_64: Process 6330 attached [pid 6330] set_robust_list(0x555556d3f660, 24 [pid 6327] <... openat resumed>) = 3 [pid 6330] <... set_robust_list resumed>) = 0 [pid 6330] chdir("./246" [pid 6327] chdir("./file0" [pid 6330] <... chdir resumed>) = 0 [pid 6330] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6330] setpgid(0, 0) = 0 [pid 6330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6329] <... ioctl resumed>) = 0 [pid 6327] <... chdir resumed>) = 0 [pid 6330] <... openat resumed>) = 3 [pid 6329] close(3 [pid 6327] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6330] write(3, "1000", 4) = 4 [pid 6330] close(3 [pid 6327] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6330] <... close resumed>) = 0 [pid 6329] <... close resumed>) = 0 [pid 6330] symlink("/dev/binderfs", "./binderfs" [pid 6327] exit_group(0 [pid 6330] <... symlink resumed>) = 0 [pid 6329] close(4 [pid 6327] <... exit_group resumed>) = ? [pid 6329] <... close resumed>) = 0 [pid 6330] memfd_create("syzkaller", 0 [pid 6329] mkdir("./file0", 0777 [pid 6327] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6327, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5077] <... ioctl resumed>) = 0 [pid 5078] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", [pid 5077] close(3 [pid 6329] <... mkdir resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6330] <... memfd_create resumed>) = 3 [pid 5078] getdents64(3, [pid 6330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6330] <... mmap resumed>) = 0x7f3feae00000 [pid 6329] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [ 255.528117][ T6328] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 255.555114][ T6329] loop0: detected capacity change from 0 to 4096 [pid 5078] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6331 attached ) = -1 EINVAL (Invalid argument) [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6331 [pid 6331] set_robust_list(0x555556d3f660, 24 [pid 5078] newfstatat(AT_FDCWD, "./248/binderfs", [pid 6331] <... set_robust_list resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6331] chdir("./247" [pid 5078] unlink("./248/binderfs") = 0 [pid 5078] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6331] <... chdir resumed>) = 0 [pid 6331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6331] setpgid(0, 0) = 0 [pid 6331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6331] write(3, "1000", 4) = 4 [pid 6331] close(3) = 0 [pid 6331] symlink("/dev/binderfs", "./binderfs") = 0 [ 255.611034][ T6329] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6331] memfd_create("syzkaller", 0 [pid 5078] <... umount2 resumed>) = 0 [pid 6331] <... memfd_create resumed>) = 3 [pid 6331] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6331] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./248/file0", [pid 6328] <... mount resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./248/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", [pid 6328] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6328] <... openat resumed>) = 3 [pid 5078] getdents64(4, [pid 6328] chdir("./file0" [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6328] <... chdir resumed>) = 0 [pid 5078] getdents64(4, [pid 6328] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6328] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] close(4 [pid 6328] exit_group(0 [pid 5078] <... close resumed>) = 0 [pid 6328] <... exit_group resumed>) = ? [pid 5078] rmdir("./248/file0" [pid 6329] <... mount resumed>) = 0 [pid 6328] +++ exited with 0 +++ [pid 5078] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 6329] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] rmdir("./248" [pid 6329] <... openat resumed>) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6328, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5080] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] mkdir("./249", 0777 [pid 6329] chdir("./file0") = 0 [pid 5080] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... mkdir resumed>) = 0 [pid 6329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5080] <... openat resumed>) = 3 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6329] exit_group(0 [pid 5078] <... openat resumed>) = 3 [pid 6329] <... exit_group resumed>) = ? [pid 5080] newfstatat(3, "", [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6329] +++ exited with 0 +++ [pid 5080] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./244/binderfs", [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6329, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./244", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] unlink("./244/binderfs" [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5080] <... unlink resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6330] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./244/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./244/binderfs") = 0 [pid 5076] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5076] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./244/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./244/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./244/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 5080] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./244") = 0 [pid 5080] newfstatat(AT_FDCWD, "./244/file0", [pid 5076] mkdir("./245", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5080] umount2("./244/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./244/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] newfstatat(4, "", [pid 5076] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5080] getdents64(4, [pid 5076] <... ioctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] close(3 [pid 6331] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6332 attached [pid 5080] close(4 [pid 6332] set_robust_list(0x555556d3f660, 24 [pid 5080] <... close resumed>) = 0 [pid 6332] <... set_robust_list resumed>) = 0 [pid 5080] rmdir("./244/file0" [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6332 [pid 5080] <... rmdir resumed>) = 0 [pid 6332] chdir("./245") = 0 [pid 6332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6332] setpgid(0, 0) = 0 [pid 6332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6332] write(3, "1000", 4 [pid 5080] getdents64(3, [pid 6332] <... write resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6332] close(3 [pid 5080] close(3 [pid 5078] <... ioctl resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 6332] <... close resumed>) = 0 [pid 5080] rmdir("./244" [pid 6332] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... rmdir resumed>) = 0 [pid 6332] <... symlink resumed>) = 0 [pid 5080] mkdir("./245", 0777 [pid 5078] close(3 [pid 6332] memfd_create("syzkaller", 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 ./strace-static-x86_64: Process 6333 attached [pid 6332] <... memfd_create resumed>) = 3 [pid 6330] <... write resumed>) = 2097152 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6333] set_robust_list(0x555556d3f660, 24 [pid 6332] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6333 [pid 6333] <... set_robust_list resumed>) = 0 [pid 6332] <... mmap resumed>) = 0x7f3feae00000 [pid 6333] chdir("./249" [pid 6330] munmap(0x7f3feae00000, 138412032 [pid 6333] <... chdir resumed>) = 0 [pid 6333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6330] <... munmap resumed>) = 0 [pid 6333] setpgid(0, 0) = 0 [pid 6333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6333] write(3, "1000", 4 [pid 6330] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6333] <... write resumed>) = 4 [pid 6330] <... openat resumed>) = 4 [pid 6333] close(3) = 0 [pid 6333] symlink("/dev/binderfs", "./binderfs" [pid 6330] ioctl(4, LOOP_SET_FD, 3 [pid 6333] <... symlink resumed>) = 0 [pid 6333] memfd_create("syzkaller", 0 [pid 6331] <... write resumed>) = 2097152 [pid 6333] <... memfd_create resumed>) = 3 [pid 6331] munmap(0x7f3feae00000, 138412032 [pid 6330] <... ioctl resumed>) = 0 [pid 6330] close(3) = 0 [pid 6330] close(4 [pid 6333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6330] <... close resumed>) = 0 [pid 6333] <... mmap resumed>) = 0x7f3feae00000 [pid 6330] mkdir("./file0", 0777) = 0 [pid 6331] <... munmap resumed>) = 0 [ 255.848573][ T6330] loop3: detected capacity change from 0 to 4096 [pid 6330] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6331] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6331] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6331] close(3) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6334 [pid 6331] close(4) = 0 ./strace-static-x86_64: Process 6334 attached [pid 6331] mkdir("./file0", 0777 [pid 6334] set_robust_list(0x555556d3f660, 24) = 0 [pid 6331] <... mkdir resumed>) = 0 [pid 6334] chdir("./245" [pid 6332] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6334] <... chdir resumed>) = 0 [pid 6334] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6331] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6334] <... prctl resumed>) = 0 [ 255.913946][ T6330] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 255.926082][ T6331] loop1: detected capacity change from 0 to 4096 [pid 6334] setpgid(0, 0) = 0 [pid 6334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6334] write(3, "1000", 4) = 4 [pid 6334] close(3) = 0 [pid 6334] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6334] memfd_create("syzkaller", 0) = 3 [pid 6333] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6330] <... mount resumed>) = 0 [pid 6334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6330] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6330] chdir("./file0" [pid 6334] <... mmap resumed>) = 0x7f3feae00000 [pid 6332] <... write resumed>) = 2097152 [pid 6330] <... chdir resumed>) = 0 [ 255.971619][ T6331] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6330] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6330] exit_group(0 [pid 6333] <... write resumed>) = 2097152 [pid 6332] munmap(0x7f3feae00000, 138412032 [pid 6330] <... exit_group resumed>) = ? [pid 6330] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6330, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6333] munmap(0x7f3feae00000, 138412032 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 6332] <... munmap resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6333] <... munmap resumed>) = 0 [pid 5079] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./246/binderfs", [pid 6333] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6332] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6332] <... openat resumed>) = 4 [pid 5079] unlink("./246/binderfs" [pid 6333] <... openat resumed>) = 4 [pid 6332] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6333] ioctl(4, LOOP_SET_FD, 3 [pid 6331] <... mount resumed>) = 0 [pid 6331] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6331] chdir("./file0") = 0 [pid 6331] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6331] exit_group(0) = ? [pid 5079] <... umount2 resumed>) = 0 [pid 6333] <... ioctl resumed>) = 0 [pid 6333] close(3) = 0 [pid 6333] close(4 [pid 5079] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6332] <... ioctl resumed>) = 0 [pid 6331] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6332] close(3 [pid 5079] newfstatat(AT_FDCWD, "./246/file0", [pid 6332] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6331, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6332] close(4 [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 6333] <... close resumed>) = 0 [pid 6332] <... close resumed>) = 0 [pid 5079] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6332] mkdir("./file0", 0777 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... restart_syscall resumed>) = 0 [pid 6332] <... mkdir resumed>) = 0 [ 256.091383][ T6332] loop0: detected capacity change from 0 to 4096 [ 256.100937][ T6333] loop2: detected capacity change from 0 to 4096 [pid 5079] openat(AT_FDCWD, "./246/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6334] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6333] mkdir("./file0", 0777 [pid 6332] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5079] <... openat resumed>) = 4 [pid 5077] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6333] <... mkdir resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5077] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6333] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./246/file0" [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5079] <... rmdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./247/binderfs", [pid 5079] close(3) = 0 [pid 5079] rmdir("./246") = 0 [pid 5079] mkdir("./247", 0777) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./247/binderfs") = 0 [pid 5077] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] <... umount2 resumed>) = 0 [ 256.159317][ T6332] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 256.178008][ T6333] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6334] <... write resumed>) = 2097152 [pid 5077] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6334] munmap(0x7f3feae00000, 138412032 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./247/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./247/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6333] <... mount resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6333] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] getdents64(4, [pid 6334] <... munmap resumed>) = 0 [pid 6333] <... openat resumed>) = 3 [pid 6332] <... mount resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6334] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6333] chdir("./file0" [pid 6332] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6334] <... openat resumed>) = 4 [pid 6333] <... chdir resumed>) = 0 [pid 6332] <... openat resumed>) = 3 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./247/file0" [pid 6333] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6332] chdir("./file0" [pid 5077] <... rmdir resumed>) = 0 [pid 6333] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6332] <... chdir resumed>) = 0 [pid 5077] getdents64(3, [pid 6333] exit_group(0 [pid 6332] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6334] ioctl(4, LOOP_SET_FD, 3 [pid 6333] <... exit_group resumed>) = ? [pid 6332] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] close(3 [pid 6334] <... ioctl resumed>) = 0 [pid 5079] close(3) = 0 [pid 5077] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6333] +++ exited with 0 +++ [pid 6334] close(3 [pid 6332] exit_group(0 [pid 5077] rmdir("./247" [pid 6332] <... exit_group resumed>) = ? [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6333, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- ./strace-static-x86_64: Process 6335 attached [pid 5077] <... rmdir resumed>) = 0 [pid 6335] set_robust_list(0x555556d3f660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6335 [pid 6335] <... set_robust_list resumed>) = 0 [pid 5078] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] mkdir("./248", 0777 [pid 6335] chdir("./247" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", [pid 6335] <... chdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 6335] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] getdents64(3, [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6335] <... prctl resumed>) = 0 [pid 6334] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6332] +++ exited with 0 +++ [pid 5078] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 6335] setpgid(0, 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6335] <... setpgid resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./249/binderfs", [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6332, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6334] close(4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6334] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6334] mkdir("./file0", 0777 [pid 5076] <... openat resumed>) = 3 [pid 6334] <... mkdir resumed>) = 0 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] unlink("./249/binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6334] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] <... unlink resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./245/binderfs", [pid 6335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./245/binderfs" [pid 6335] <... openat resumed>) = 3 [pid 5076] <... unlink resumed>) = 0 [pid 6335] write(3, "1000", 4) = 4 [pid 6335] close(3) = 0 [pid 6335] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5076] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6335] memfd_create("syzkaller", 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./249/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5078] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6335] <... memfd_create resumed>) = 3 [pid 6335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./249/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6335] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... openat resumed>) = 4 [pid 5076] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] newfstatat(AT_FDCWD, "./245/file0", [pid 5078] getdents64(4, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5076] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] rmdir("./249/file0" [pid 5076] openat(AT_FDCWD, "./245/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] newfstatat(4, "", [pid 5078] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./249" [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./250", 0777 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... mkdir resumed>) = 0 [ 256.290214][ T6334] loop4: detected capacity change from 0 to 4096 [ 256.324993][ T6334] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5076] close(4) = 0 [pid 5076] rmdir("./245/file0") = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] getdents64(3, [pid 5078] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./245" [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./246", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6336 attached [pid 6335] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6336 [pid 6336] set_robust_list(0x555556d3f660, 24) = 0 [pid 6336] chdir("./248") = 0 [pid 6336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6336] setpgid(0, 0) = 0 [pid 6336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6336] write(3, "1000", 4 [pid 5078] <... ioctl resumed>) = 0 [pid 6336] <... write resumed>) = 4 [pid 6336] close(3) = 0 [pid 6336] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6336] memfd_create("syzkaller", 0 [pid 6334] <... mount resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6334] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] close(3 [pid 6334] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6334] chdir("./file0") = 0 [pid 6334] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6334] exit_group(0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6334] <... exit_group resumed>) = ? [pid 6336] <... memfd_create resumed>) = 3 [pid 6336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6338 attached ./strace-static-x86_64: Process 6337 attached ) = 0x7f3feae00000 [pid 6334] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6334, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=5 /* 0.05 s */} --- [pid 5080] umount2("./245", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6337 [pid 5080] umount2("./245/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./245/binderfs", [pid 6337] set_robust_list(0x555556d3f660, 24 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6337] <... set_robust_list resumed>) = 0 [pid 5080] unlink("./245/binderfs" [pid 6337] chdir("./250" [pid 5080] <... unlink resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6338 [pid 6337] <... chdir resumed>) = 0 [pid 6337] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6338] set_robust_list(0x555556d3f660, 24 [pid 6337] <... prctl resumed>) = 0 [pid 6335] <... write resumed>) = 2097152 [pid 5080] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6338] <... set_robust_list resumed>) = 0 [pid 6337] setpgid(0, 0 [pid 6335] munmap(0x7f3feae00000, 138412032 [pid 6338] chdir("./246" [pid 6337] <... setpgid resumed>) = 0 [pid 6338] <... chdir resumed>) = 0 [pid 6338] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6338] <... prctl resumed>) = 0 [pid 6338] setpgid(0, 0 [pid 6337] <... openat resumed>) = 3 [pid 6335] <... munmap resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 6337] write(3, "1000", 4 [pid 6338] <... setpgid resumed>) = 0 [pid 6337] <... write resumed>) = 4 [pid 6338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6337] close(3 [pid 5080] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6337] <... close resumed>) = 0 [pid 6337] symlink("/dev/binderfs", "./binderfs" [pid 6338] <... openat resumed>) = 3 [pid 6337] <... symlink resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6338] write(3, "1000", 4 [pid 5080] newfstatat(AT_FDCWD, "./245/file0", [pid 6338] <... write resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6338] close(3 [pid 5080] umount2("./245/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6338] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6338] symlink("/dev/binderfs", "./binderfs" [pid 6337] memfd_create("syzkaller", 0 [pid 6338] <... symlink resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./245/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6338] memfd_create("syzkaller", 0 [pid 6337] <... memfd_create resumed>) = 3 [pid 6335] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... openat resumed>) = 4 [pid 6337] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6335] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 6338] <... memfd_create resumed>) = 3 [pid 6337] <... mmap resumed>) = 0x7f3feae00000 [pid 6336] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6335] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6335] <... ioctl resumed>) = 0 [pid 5080] getdents64(4, [pid 6338] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6335] close(3 [pid 5080] getdents64(4, [pid 6335] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6335] close(4 [pid 5080] close(4 [pid 6335] <... close resumed>) = 0 [pid 6337] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... close resumed>) = 0 [pid 6335] mkdir("./file0", 0777) = 0 [pid 5080] rmdir("./245/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./245" [pid 6335] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... rmdir resumed>) = 0 [ 256.549061][ T6335] loop3: detected capacity change from 0 to 4096 [pid 6338] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] mkdir("./246", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6336] <... write resumed>) = 2097152 [pid 5080] <... openat resumed>) = 3 [pid 6336] munmap(0x7f3feae00000, 138412032 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6336] <... munmap resumed>) = 0 [pid 6336] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6338] <... write resumed>) = 2097152 [ 256.608425][ T6335] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6338] munmap(0x7f3feae00000, 138412032 [pid 6336] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6336] close(3) = 0 [pid 6336] close(4 [pid 6338] <... munmap resumed>) = 0 [pid 6336] <... close resumed>) = 0 [pid 6337] <... write resumed>) = 2097152 [pid 6338] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6336] mkdir("./file0", 0777 [pid 6338] <... openat resumed>) = 4 [pid 6337] munmap(0x7f3feae00000, 138412032 [pid 6336] <... mkdir resumed>) = 0 [pid 6335] <... mount resumed>) = 0 [pid 6338] ioctl(4, LOOP_SET_FD, 3 [ 256.671732][ T6336] loop1: detected capacity change from 0 to 4096 [pid 6337] <... munmap resumed>) = 0 [pid 6336] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6335] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6335] chdir("./file0") = 0 [pid 6335] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6335] exit_group(0) = ? [pid 5080] <... ioctl resumed>) = 0 [pid 6338] <... ioctl resumed>) = 0 [pid 6337] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6335] +++ exited with 0 +++ [pid 6338] close(3) = 0 [pid 6337] <... openat resumed>) = 4 [pid 6338] close(4 [pid 6337] ioctl(4, LOOP_SET_FD, 3 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6335, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 6338] <... close resumed>) = 0 [pid 5079] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6338] mkdir("./file0", 0777 [pid 5080] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6337] <... ioctl resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6337] close(3 [pid 5080] <... close resumed>) = 0 [pid 6338] <... mkdir resumed>) = 0 [pid 6337] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... openat resumed>) = 3 [pid 6338] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6337] close(4 [pid 5079] newfstatat(3, "", [pid 6337] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 256.717016][ T6338] loop0: detected capacity change from 0 to 4096 [ 256.726332][ T6336] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 256.752990][ T6337] loop2: detected capacity change from 0 to 4096 [pid 6337] mkdir("./file0", 0777 [pid 5079] getdents64(3, [pid 6337] <... mkdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6337] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6339 [pid 5079] newfstatat(AT_FDCWD, "./247/binderfs", [pid 6336] <... mount resumed>) = 0 [pid 6336] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6336] <... openat resumed>) = 3 [pid 5079] unlink("./247/binderfs" [pid 6336] chdir("./file0" [pid 5079] <... unlink resumed>) = 0 [pid 6336] <... chdir resumed>) = 0 [pid 5079] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6339 attached [pid 6336] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6336] exit_group(0) = ? [pid 5079] <... umount2 resumed>) = 0 [pid 6339] set_robust_list(0x555556d3f660, 24) = 0 [pid 5079] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6339] chdir("./246" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6339] <... chdir resumed>) = 0 [pid 6336] +++ exited with 0 +++ [ 256.778894][ T6338] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 256.794605][ T6337] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5079] newfstatat(AT_FDCWD, "./247/file0", [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6336, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6339] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6339] <... prctl resumed>) = 0 [pid 5079] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6339] setpgid(0, 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6339] <... setpgid resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./247/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... openat resumed>) = 4 [pid 5077] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6339] <... openat resumed>) = 3 [pid 6338] <... mount resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5077] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6339] write(3, "1000", 4 [pid 6338] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6339] <... write resumed>) = 4 [pid 6338] <... openat resumed>) = 3 [pid 5079] getdents64(4, [pid 5077] <... openat resumed>) = 3 [pid 6339] close(3 [pid 6338] chdir("./file0" [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] newfstatat(3, "", [pid 6339] <... close resumed>) = 0 [pid 6338] <... chdir resumed>) = 0 [pid 5079] getdents64(4, [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6339] symlink("/dev/binderfs", "./binderfs" [pid 6338] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] getdents64(3, [pid 6339] <... symlink resumed>) = 0 [pid 6338] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] close(4 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6339] memfd_create("syzkaller", 0 [pid 6338] exit_group(0 [pid 5079] <... close resumed>) = 0 [pid 5077] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6338] <... exit_group resumed>) = ? [pid 5079] rmdir("./247/file0" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... rmdir resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6337] <... mount resumed>) = 0 [pid 5077] unlink("./248/binderfs" [pid 5079] getdents64(3, [pid 5077] <... unlink resumed>) = 0 [pid 6337] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6339] <... memfd_create resumed>) = 3 [pid 6337] <... openat resumed>) = 3 [pid 6338] +++ exited with 0 +++ [pid 5079] close(3 [pid 5077] <... umount2 resumed>) = 0 [pid 6339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6337] chdir("./file0" [pid 5079] <... close resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6338, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6339] <... mmap resumed>) = 0x7f3feae00000 [pid 6337] <... chdir resumed>) = 0 [pid 5079] rmdir("./247" [pid 5077] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./248/file0", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./246/binderfs", [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] unlink("./246/binderfs") = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] mkdir("./248", 0777 [pid 5077] openat(AT_FDCWD, "./248/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = 0 [pid 6337] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6337] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6337] exit_group(0 [pid 5076] newfstatat(AT_FDCWD, "./246/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6337] <... exit_group resumed>) = ? [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] newfstatat(4, "", [pid 5076] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./246/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... openat resumed>) = 3 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] rmdir("./246/file0" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6337] +++ exited with 0 +++ [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./246") = 0 [pid 5076] mkdir("./247", 0777) = 0 [pid 5077] getdents64(4, [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6337, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] close(4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] rmdir("./248/file0" [pid 5078] <... openat resumed>) = 3 [pid 5077] <... rmdir resumed>) = 0 [pid 6339] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] newfstatat(3, "", [pid 5077] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(3, [pid 5077] close(3 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... close resumed>) = 0 [pid 5078] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] rmdir("./248" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./249", 0777 [pid 5078] newfstatat(AT_FDCWD, "./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5078] unlink("./250/binderfs" [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... unlink resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 6339] <... write resumed>) = 2097152 [pid 5078] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6339] munmap(0x7f3feae00000, 138412032) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] <... ioctl resumed>) = 0 [pid 6339] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./250/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] close(3 [pid 5078] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./250/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6339] <... openat resumed>) = 4 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... openat resumed>) = 4 [pid 6339] ioctl(4, LOOP_SET_FD, 3 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6340 attached [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6340 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6340] set_robust_list(0x555556d3f660, 24 [pid 5078] getdents64(4, [pid 6340] <... set_robust_list resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6340] chdir("./248" [pid 5078] close(4) = 0 [pid 6340] <... chdir resumed>) = 0 [pid 5078] rmdir("./250/file0" [pid 5076] <... ioctl resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] close(3 [pid 5078] getdents64(3, [pid 6340] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 5078] close(3 [pid 6340] <... prctl resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6339] <... ioctl resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6339] close(3) = 0 [pid 6339] close(4 [pid 5078] rmdir("./250" [pid 6339] <... close resumed>) = 0 [pid 6339] mkdir("./file0", 0777 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./251", 0777 [pid 5077] close(3 [pid 6340] setpgid(0, 0./strace-static-x86_64: Process 6341 attached ) = 0 [pid 6339] <... mkdir resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6341 [pid 6341] set_robust_list(0x555556d3f660, 24 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6341] <... set_robust_list resumed>) = 0 [pid 6341] chdir("./247" [pid 5078] <... openat resumed>) = 3 [pid 6341] <... chdir resumed>) = 0 [pid 6341] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6339] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6342 [pid 6341] <... prctl resumed>) = 0 [pid 6340] <... openat resumed>) = 3 [ 257.033517][ T6339] loop4: detected capacity change from 0 to 4096 [pid 6341] setpgid(0, 0./strace-static-x86_64: Process 6342 attached ) = 0 [pid 6340] write(3, "1000", 4) = 4 [pid 6340] close(3 [pid 6341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6340] <... close resumed>) = 0 [pid 6342] set_robust_list(0x555556d3f660, 24 [pid 6340] symlink("/dev/binderfs", "./binderfs" [pid 6342] <... set_robust_list resumed>) = 0 [pid 6342] chdir("./249" [pid 6341] <... openat resumed>) = 3 [pid 6340] <... symlink resumed>) = 0 [pid 6342] <... chdir resumed>) = 0 [pid 6342] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6341] write(3, "1000", 4) = 4 [pid 6341] close(3 [pid 6342] <... prctl resumed>) = 0 [pid 6342] setpgid(0, 0 [pid 6341] <... close resumed>) = 0 [pid 6341] symlink("/dev/binderfs", "./binderfs" [pid 6342] <... setpgid resumed>) = 0 [pid 6341] <... symlink resumed>) = 0 [pid 6341] memfd_create("syzkaller", 0 [pid 6342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6340] memfd_create("syzkaller", 0 [pid 6341] <... memfd_create resumed>) = 3 [pid 6341] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6342] <... openat resumed>) = 3 [pid 6341] <... mmap resumed>) = 0x7f3feae00000 [pid 6340] <... memfd_create resumed>) = 3 [pid 6342] write(3, "1000", 4 [pid 6340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6342] <... write resumed>) = 4 [pid 6340] <... mmap resumed>) = 0x7f3feae00000 [pid 6342] close(3) = 0 [pid 5078] <... ioctl resumed>) = 0 [ 257.089255][ T6339] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6342] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6342] memfd_create("syzkaller", 0) = 3 [pid 5078] close(3) = 0 [pid 6342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6343 ./strace-static-x86_64: Process 6343 attached [pid 6343] set_robust_list(0x555556d3f660, 24) = 0 [pid 6343] chdir("./251") = 0 [pid 6343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6341] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6343] setpgid(0, 0) = 0 [pid 6343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6343] write(3, "1000", 4) = 4 [pid 6343] close(3) = 0 [pid 6343] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6339] <... mount resumed>) = 0 [pid 6342] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6340] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6339] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6339] chdir("./file0") = 0 [pid 6339] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6343] memfd_create("syzkaller", 0 [pid 6339] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6343] <... memfd_create resumed>) = 3 [pid 6339] exit_group(0) = ? [pid 6343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6339] +++ exited with 0 +++ [pid 6343] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6339, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5080] umount2("./246", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./246/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./246/binderfs") = 0 [pid 5080] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6342] <... write resumed>) = 2097152 [pid 5080] <... umount2 resumed>) = 0 [pid 6342] munmap(0x7f3feae00000, 138412032) = 0 [pid 6341] <... write resumed>) = 2097152 [pid 5080] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6343] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6342] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6341] munmap(0x7f3feae00000, 138412032 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6342] <... openat resumed>) = 4 [pid 5080] newfstatat(AT_FDCWD, "./246/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6342] ioctl(4, LOOP_SET_FD, 3 [pid 5080] umount2("./246/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6341] <... munmap resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./246/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 6341] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 6341] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6341] ioctl(4, LOOP_SET_FD, 3 [pid 5080] close(4) = 0 [pid 5080] rmdir("./246/file0" [pid 6340] <... write resumed>) = 2097152 [pid 5080] <... rmdir resumed>) = 0 [pid 6342] <... ioctl resumed>) = 0 [pid 6340] munmap(0x7f3feae00000, 138412032 [pid 5080] getdents64(3, [pid 6342] close(3 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6342] <... close resumed>) = 0 [pid 6342] close(4 [pid 5080] close(3 [pid 6342] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 6342] mkdir("./file0", 0777 [pid 5080] rmdir("./246" [pid 6342] <... mkdir resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] mkdir("./247", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6340] <... munmap resumed>) = 0 [pid 6341] <... ioctl resumed>) = 0 [pid 6341] close(3 [pid 6342] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6341] <... close resumed>) = 0 [ 257.363842][ T6342] loop1: detected capacity change from 0 to 4096 [ 257.373817][ T6341] loop0: detected capacity change from 0 to 4096 [pid 6341] close(4) = 0 [pid 6343] <... write resumed>) = 2097152 [pid 6340] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6341] mkdir("./file0", 0777) = 0 [pid 6340] <... openat resumed>) = 4 [pid 6343] munmap(0x7f3feae00000, 138412032 [pid 6341] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6340] ioctl(4, LOOP_SET_FD, 3 [pid 6343] <... munmap resumed>) = 0 [pid 6343] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6340] <... ioctl resumed>) = 0 [pid 6340] close(3) = 0 [pid 6340] close(4) = 0 [pid 6340] mkdir("./file0", 0777) = 0 [ 257.406312][ T6342] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 257.428262][ T6340] loop3: detected capacity change from 0 to 4096 [ 257.437255][ T6341] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6340] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6343] <... openat resumed>) = 4 [pid 6343] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... ioctl resumed>) = 0 [pid 6343] <... ioctl resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6342] <... mount resumed>) = 0 [ 257.472030][ T6340] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 257.500059][ T6343] loop2: detected capacity change from 0 to 4096 [pid 6342] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 6344 attached [pid 6343] close(3 [pid 6342] chdir("./file0" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6344 [pid 6344] set_robust_list(0x555556d3f660, 24 [pid 6343] <... close resumed>) = 0 [pid 6342] <... chdir resumed>) = 0 [pid 6344] <... set_robust_list resumed>) = 0 [pid 6343] close(4 [pid 6342] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6344] chdir("./247" [pid 6343] <... close resumed>) = 0 [pid 6341] <... mount resumed>) = 0 [pid 6344] <... chdir resumed>) = 0 [pid 6342] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6343] mkdir("./file0", 0777 [pid 6344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6341] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6344] setpgid(0, 0 [pid 6343] <... mkdir resumed>) = 0 [pid 6342] exit_group(0) = ? [pid 6344] <... setpgid resumed>) = 0 [pid 6341] <... openat resumed>) = 3 [pid 6344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6341] chdir("./file0") = 0 [pid 6343] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6341] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6344] <... openat resumed>) = 3 [pid 6341] exit_group(0 [pid 6344] write(3, "1000", 4 [pid 6341] <... exit_group resumed>) = ? [pid 6344] <... write resumed>) = 4 [pid 6342] +++ exited with 0 +++ [pid 6344] close(3) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6342, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6344] symlink("/dev/binderfs", "./binderfs" [pid 5077] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6344] <... symlink resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6344] memfd_create("syzkaller", 0 [pid 5077] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6341] +++ exited with 0 +++ [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6344] <... memfd_create resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6341, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5077] newfstatat(AT_FDCWD, "./249/binderfs", [pid 6344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6344] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] unlink("./249/binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... unlink resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5077] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./247/binderfs" [pid 5077] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./249/file0", [pid 5076] <... unlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./249/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [pid 5076] <... umount2 resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./249/file0") = 0 [ 257.584749][ T6343] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5076] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6340] <... mount resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 6340] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] rmdir("./249" [pid 5076] newfstatat(AT_FDCWD, "./247/file0", [pid 6340] <... openat resumed>) = 3 [pid 5077] <... rmdir resumed>) = 0 [pid 6343] <... mount resumed>) = 0 [pid 6340] chdir("./file0" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6343] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6340] <... chdir resumed>) = 0 [pid 5076] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6343] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./247/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] mkdir("./250", 0777 [pid 5076] <... openat resumed>) = 4 [pid 6343] chdir("./file0" [pid 6340] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... mkdir resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 6340] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6343] <... chdir resumed>) = 0 [pid 6343] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6344] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6340] exit_group(0 [pid 5077] <... openat resumed>) = 3 [pid 5076] getdents64(4, [pid 6343] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6340] <... exit_group resumed>) = ? [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6343] exit_group(0 [pid 6340] +++ exited with 0 +++ [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6340, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 6343] <... exit_group resumed>) = ? [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6343] +++ exited with 0 +++ [pid 5076] close(4 [pid 5079] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6343, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5076] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] rmdir("./247/file0" [pid 5079] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5078] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... rmdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 3 [pid 5076] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(3, "", [pid 5079] newfstatat(AT_FDCWD, "./248/binderfs", [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3 [pid 5078] getdents64(3, [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] rmdir("./247" [pid 5078] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] unlink("./248/binderfs") = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(AT_FDCWD, "./251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./251/binderfs" [pid 5076] mkdir("./248", 0777 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5078] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 3 [pid 5079] newfstatat(AT_FDCWD, "./248/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./248/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] <... openat resumed>) = 4 [pid 5078] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./248/file0") = 0 [pid 5079] getdents64(3, [pid 6344] <... write resumed>) = 2097152 [pid 5078] newfstatat(AT_FDCWD, "./251/file0", [pid 6344] munmap(0x7f3feae00000, 138412032 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] close(3) = 0 [pid 5078] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6344] <... munmap resumed>) = 0 [pid 5079] rmdir("./248" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./251/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./251/file0") = 0 [pid 5079] mkdir("./249", 0777) = 0 [pid 6344] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 6344] ioctl(4, LOOP_SET_FD, 3 [pid 5078] rmdir("./251") = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5078] mkdir("./252", 0777 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6344] <... ioctl resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6345 attached [pid 6344] close(3 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6345 [pid 6344] <... close resumed>) = 0 [pid 6344] close(4 [pid 6345] set_robust_list(0x555556d3f660, 24 [pid 6344] <... close resumed>) = 0 [pid 6344] mkdir("./file0", 0777) = 0 [pid 6344] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6345] <... set_robust_list resumed>) = 0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6346 [pid 6345] chdir("./250") = 0 [pid 6345] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6346 attached ) = 0 [pid 6346] set_robust_list(0x555556d3f660, 24) = 0 [pid 6346] chdir("./248") = 0 [pid 6346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6346] setpgid(0, 0) = 0 [pid 6346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 257.763963][ T6344] loop4: detected capacity change from 0 to 4096 [ 257.802522][ T6344] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6346] write(3, "1000", 4) = 4 [pid 6346] close(3) = 0 [pid 6346] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6345] setpgid(0, 0) = 0 [pid 6345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6346] memfd_create("syzkaller", 0) = 3 [pid 6345] <... openat resumed>) = 3 [pid 6345] write(3, "1000", 4 [pid 6346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6345] <... write resumed>) = 4 [pid 5078] <... ioctl resumed>) = 0 [pid 6345] close(3 [pid 5078] close(3 [pid 6345] <... close resumed>) = 0 [pid 6345] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6345] <... symlink resumed>) = 0 [pid 5079] close(3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6347 attached [pid 6345] memfd_create("syzkaller", 0 [pid 6344] <... mount resumed>) = 0 [pid 6347] set_robust_list(0x555556d3f660, 24 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6347 [pid 6347] <... set_robust_list resumed>) = 0 [pid 6347] chdir("./252"./strace-static-x86_64: Process 6348 attached ) = 0 [pid 6345] <... memfd_create resumed>) = 3 [pid 6347] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6348 [pid 6348] set_robust_list(0x555556d3f660, 24 [pid 6347] <... prctl resumed>) = 0 [pid 6348] <... set_robust_list resumed>) = 0 [pid 6345] <... mmap resumed>) = 0x7f3feae00000 [pid 6344] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6348] chdir("./249" [pid 6347] setpgid(0, 0 [pid 6344] <... openat resumed>) = 3 [pid 6344] chdir("./file0" [pid 6348] <... chdir resumed>) = 0 [pid 6347] <... setpgid resumed>) = 0 [pid 6344] <... chdir resumed>) = 0 [pid 6344] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6348] setpgid(0, 0 [pid 6347] <... openat resumed>) = 3 [pid 6344] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6348] <... setpgid resumed>) = 0 [pid 6347] write(3, "1000", 4 [pid 6344] exit_group(0 [pid 6348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6347] <... write resumed>) = 4 [pid 6344] <... exit_group resumed>) = ? [pid 6348] <... openat resumed>) = 3 [pid 6347] close(3 [pid 6344] +++ exited with 0 +++ [pid 6347] <... close resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6344, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6347] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6348] write(3, "1000", 4 [pid 5080] umount2("./247", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6348] <... write resumed>) = 4 [pid 6347] memfd_create("syzkaller", 0 [pid 5080] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6348] close(3 [pid 6346] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... openat resumed>) = 3 [pid 6348] <... close resumed>) = 0 [pid 6347] <... memfd_create resumed>) = 3 [pid 6347] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6348] symlink("/dev/binderfs", "./binderfs" [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6348] <... symlink resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6347] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] umount2("./247/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./247/binderfs", [pid 6348] memfd_create("syzkaller", 0 [pid 6345] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6348] <... memfd_create resumed>) = 3 [pid 6348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6346] <... write resumed>) = 2097152 [pid 5080] unlink("./247/binderfs") = 0 [pid 6346] munmap(0x7f3feae00000, 138412032 [pid 5080] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6345] <... write resumed>) = 2097152 [pid 6347] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6346] <... munmap resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6345] munmap(0x7f3feae00000, 138412032 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./247/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./247/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./247/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6345] <... munmap resumed>) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 6348] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6346] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6345] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6346] <... openat resumed>) = 4 [pid 5080] <... close resumed>) = 0 [pid 6346] ioctl(4, LOOP_SET_FD, 3 [pid 6345] <... openat resumed>) = 4 [pid 5080] rmdir("./247/file0" [pid 6346] <... ioctl resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6345] ioctl(4, LOOP_SET_FD, 3 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6346] close(3 [pid 5080] close(3 [pid 6346] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 6346] close(4 [pid 5080] rmdir("./247" [pid 6346] <... close resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6346] mkdir("./file0", 0777 [pid 5080] mkdir("./248", 0777) = 0 [pid 6346] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6347] <... write resumed>) = 2097152 [pid 6346] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6345] <... ioctl resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6345] close(3 [pid 6348] <... write resumed>) = 2097152 [pid 6347] munmap(0x7f3feae00000, 138412032 [pid 6345] <... close resumed>) = 0 [pid 6348] munmap(0x7f3feae00000, 138412032 [pid 6345] close(4) = 0 [pid 6347] <... munmap resumed>) = 0 [pid 6345] mkdir("./file0", 0777 [pid 6347] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6345] <... mkdir resumed>) = 0 [ 258.081727][ T6346] loop0: detected capacity change from 0 to 4096 [ 258.090813][ T6345] loop1: detected capacity change from 0 to 4096 [ 258.107807][ T6346] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6345] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6347] <... openat resumed>) = 4 [pid 6347] ioctl(4, LOOP_SET_FD, 3 [pid 6348] <... munmap resumed>) = 0 [pid 6348] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6348] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6347] <... ioctl resumed>) = 0 [pid 6348] close(3) = 0 [pid 6348] close(4) = 0 [pid 6348] mkdir("./file0", 0777) = 0 [pid 6348] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6347] close(3) = 0 [pid 6347] close(4) = 0 [pid 6347] mkdir("./file0", 0777) = 0 [ 258.144534][ T6347] loop2: detected capacity change from 0 to 4096 [ 258.151092][ T6345] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 258.159829][ T6348] loop3: detected capacity change from 0 to 4096 [ 258.175955][ T6348] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6347] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6346] <... mount resumed>) = 0 [pid 6346] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6346] chdir("./file0") = 0 [pid 6346] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6346] exit_group(0) = ? [pid 6346] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6346, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] <... ioctl resumed>) = 0 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6345] <... mount resumed>) = 0 [ 258.218874][ T6347] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5076] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6345] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./248/binderfs", [pid 6345] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6345] chdir("./file0" [pid 5076] unlink("./248/binderfs" [pid 6348] <... mount resumed>) = 0 [pid 6345] <... chdir resumed>) = 0 [pid 6345] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... unlink resumed>) = 0 [pid 6348] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6345] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6348] <... openat resumed>) = 3 [pid 6345] exit_group(0 [pid 6348] chdir("./file0" [pid 6345] <... exit_group resumed>) = ? [pid 6348] <... chdir resumed>) = 0 [pid 5080] close(3) = 0 [pid 6348] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6348] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... umount2 resumed>) = 0 [pid 6348] exit_group(0./strace-static-x86_64: Process 6349 attached ) = ? [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6349 [pid 6349] set_robust_list(0x555556d3f660, 24 [pid 6348] +++ exited with 0 +++ [pid 6349] <... set_robust_list resumed>) = 0 [pid 6345] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6348, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6349] chdir("./248" [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6345, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6349] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6349] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./248/file0", [pid 6349] <... prctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6349] setpgid(0, 0 [pid 5079] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6349] <... setpgid resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] newfstatat(3, "", [pid 6349] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] getdents64(3, [pid 5077] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "./248/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6349] write(3, "1000", 4 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 4 [pid 6349] <... write resumed>) = 4 [pid 5079] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(3, "", [pid 5076] newfstatat(4, "", [pid 6349] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6349] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6349] symlink("/dev/binderfs", "./binderfs" [pid 5079] newfstatat(AT_FDCWD, "./249/binderfs", [pid 5077] getdents64(3, [pid 5076] getdents64(4, [pid 6349] <... symlink resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6349] memfd_create("syzkaller", 0 [pid 6347] <... mount resumed>) = 0 [pid 5079] unlink("./249/binderfs" [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] getdents64(4, [pid 6349] <... memfd_create resumed>) = 3 [pid 6347] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... unlink resumed>) = 0 [pid 5077] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6349] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6347] <... openat resumed>) = 3 [pid 5079] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(4 [pid 6349] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] newfstatat(AT_FDCWD, "./250/binderfs", [pid 6347] chdir("./file0" [pid 5076] <... close resumed>) = 0 [pid 6347] <... chdir resumed>) = 0 [pid 6347] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6347] exit_group(0) = ? [pid 5076] rmdir("./248/file0" [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6347] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = 0 [pid 5077] unlink("./250/binderfs" [pid 5076] <... rmdir resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6347, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5076] getdents64(3, [pid 5077] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6349] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] newfstatat(AT_FDCWD, "./249/file0", [pid 5078] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./248" [pid 5079] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... rmdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5077] newfstatat(AT_FDCWD, "./250/file0", [pid 5076] mkdir("./249", 0777 [pid 5079] openat(AT_FDCWD, "./249/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] newfstatat(3, "", [pid 5076] <... mkdir resumed>) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] newfstatat(4, "", [pid 5078] getdents64(3, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] getdents64(4, [pid 5078] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 3 [pid 5078] newfstatat(AT_FDCWD, "./252/binderfs", [pid 5077] openat(AT_FDCWD, "./250/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] unlink("./252/binderfs" [pid 5077] <... openat resumed>) = 4 [pid 5079] close(4 [pid 5078] <... unlink resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(4, "", [pid 5079] rmdir("./249/file0" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 5079] getdents64(3, [pid 5077] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] rmdir("./250/file0" [pid 6349] <... write resumed>) = 2097152 [pid 5079] close(3 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./249") = 0 [pid 6349] munmap(0x7f3feae00000, 138412032 [pid 5078] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5079] mkdir("./250", 0777 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] newfstatat(AT_FDCWD, "./252/file0", [pid 5077] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./252/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] rmdir("./250" [pid 5078] <... openat resumed>) = 4 [pid 5077] <... rmdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] newfstatat(4, "", [pid 5077] mkdir("./251", 0777 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] <... mkdir resumed>) = 0 [pid 6349] <... munmap resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] getdents64(4, [pid 6349] <... openat resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6349] ioctl(4, LOOP_SET_FD, 3 [pid 5078] close(4 [pid 5077] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./252/file0") = 0 [pid 5078] getdents64(3, [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 6349] <... ioctl resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6349] close(3 [pid 5078] rmdir("./252" [pid 6349] <... close resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6349] close(4 [pid 5076] <... ioctl resumed>) = 0 [pid 6349] <... close resumed>) = 0 [pid 6349] mkdir("./file0", 0777) = 0 [pid 5078] mkdir("./253", 0777) = 0 [pid 6349] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 258.448967][ T6349] loop4: detected capacity change from 0 to 4096 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] close(3 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6351 ./strace-static-x86_64: Process 6350 attached ./strace-static-x86_64: Process 6351 attached [pid 6351] set_robust_list(0x555556d3f660, 24 [pid 6350] set_robust_list(0x555556d3f660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6350 [pid 6350] <... set_robust_list resumed>) = 0 [pid 6351] <... set_robust_list resumed>) = 0 [pid 6350] chdir("./250") = 0 [pid 6351] chdir("./249" [pid 6350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6350] setpgid(0, 0) = 0 [pid 6351] <... chdir resumed>) = 0 [ 258.499607][ T6349] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6351] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6351] <... prctl resumed>) = 0 [pid 5077] close(3 [pid 6351] setpgid(0, 0) = 0 [pid 6351] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6350] <... openat resumed>) = 3 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6350] write(3, "1000", 4) = 4 [pid 6351] <... openat resumed>) = 3 [pid 6349] <... mount resumed>) = 0 [pid 6350] close(3) = 0 [pid 6349] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 6352 attached [pid 6350] symlink("/dev/binderfs", "./binderfs" [pid 6352] set_robust_list(0x555556d3f660, 24 [pid 6350] <... symlink resumed>) = 0 [pid 6351] write(3, "1000", 4 [pid 6349] <... openat resumed>) = 3 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6352 [pid 6352] <... set_robust_list resumed>) = 0 [pid 6351] <... write resumed>) = 4 [pid 6351] close(3 [pid 6352] chdir("./251" [pid 6350] memfd_create("syzkaller", 0 [pid 6351] <... close resumed>) = 0 [pid 6349] chdir("./file0" [pid 6352] <... chdir resumed>) = 0 [pid 6351] symlink("/dev/binderfs", "./binderfs" [pid 6349] <... chdir resumed>) = 0 [pid 6352] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6350] <... memfd_create resumed>) = 3 [pid 6351] <... symlink resumed>) = 0 [pid 6349] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6352] <... prctl resumed>) = 0 [pid 6352] setpgid(0, 0 [pid 6350] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6349] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] close(3 [pid 6352] <... setpgid resumed>) = 0 [pid 6350] <... mmap resumed>) = 0x7f3feae00000 [pid 6351] memfd_create("syzkaller", 0 [pid 6349] exit_group(0 [pid 5078] <... close resumed>) = 0 [pid 6352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6352] write(3, "1000", 4 [pid 6349] <... exit_group resumed>) = ? [pid 6351] <... memfd_create resumed>) = 3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6353 attached [pid 6352] <... write resumed>) = 4 [pid 6351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6349] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6349, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6353 [pid 6352] close(3) = 0 [pid 6351] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] umount2("./248", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6353] set_robust_list(0x555556d3f660, 24) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6352] symlink("/dev/binderfs", "./binderfs" [pid 6353] chdir("./253" [pid 5080] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6352] <... symlink resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 6353] <... chdir resumed>) = 0 [pid 6352] memfd_create("syzkaller", 0 [pid 5080] newfstatat(3, "", [pid 6353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6353] setpgid(0, 0 [pid 5080] getdents64(3, [pid 6353] <... setpgid resumed>) = 0 [pid 6353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6352] <... memfd_create resumed>) = 3 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6353] <... openat resumed>) = 3 [pid 6352] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] umount2("./248/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6352] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6353] write(3, "1000", 4 [pid 5080] newfstatat(AT_FDCWD, "./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6353] <... write resumed>) = 4 [pid 5080] unlink("./248/binderfs" [pid 6353] close(3 [pid 5080] <... unlink resumed>) = 0 [pid 6353] <... close resumed>) = 0 [pid 6353] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6353] memfd_create("syzkaller", 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./248/file0", [pid 6353] <... memfd_create resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] umount2("./248/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6353] <... mmap resumed>) = 0x7f3feae00000 [pid 6351] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] openat(AT_FDCWD, "./248/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6350] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 6352] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./248/file0") = 0 [pid 6350] <... write resumed>) = 2097152 [pid 6350] munmap(0x7f3feae00000, 138412032 [pid 5080] getdents64(3, [pid 6353] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./248") = 0 [pid 5080] mkdir("./249", 0777) = 0 [pid 6351] <... write resumed>) = 2097152 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6350] <... munmap resumed>) = 0 [pid 6351] munmap(0x7f3feae00000, 138412032 [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6350] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6350] ioctl(4, LOOP_SET_FD, 3 [pid 6351] <... munmap resumed>) = 0 [pid 6352] <... write resumed>) = 2097152 [pid 6351] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6350] <... ioctl resumed>) = 0 [pid 6350] close(3 [pid 6351] <... openat resumed>) = 4 [pid 6352] munmap(0x7f3feae00000, 138412032 [pid 6350] <... close resumed>) = 0 [pid 6351] ioctl(4, LOOP_SET_FD, 3 [pid 6352] <... munmap resumed>) = 0 [pid 6350] close(4 [pid 6352] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6350] <... close resumed>) = 0 [pid 6353] <... write resumed>) = 2097152 [pid 6352] ioctl(4, LOOP_SET_FD, 3 [pid 6350] mkdir("./file0", 0777) = 0 [pid 6351] <... ioctl resumed>) = 0 [pid 6350] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6351] close(3) = 0 [pid 6353] munmap(0x7f3feae00000, 138412032 [pid 6352] <... ioctl resumed>) = 0 [pid 6351] close(4 [pid 6353] <... munmap resumed>) = 0 [pid 6351] <... close resumed>) = 0 [pid 6352] close(3 [pid 6351] mkdir("./file0", 0777 [pid 6353] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6352] <... close resumed>) = 0 [pid 6351] <... mkdir resumed>) = 0 [ 258.795988][ T6350] loop3: detected capacity change from 0 to 4096 [ 258.813893][ T6351] loop0: detected capacity change from 0 to 4096 [ 258.827810][ T6352] loop1: detected capacity change from 0 to 4096 [pid 6353] <... openat resumed>) = 4 [pid 6352] close(4) = 0 [pid 6353] ioctl(4, LOOP_SET_FD, 3 [pid 6352] mkdir("./file0", 0777 [pid 6351] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6352] <... mkdir resumed>) = 0 [pid 6352] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6353] <... ioctl resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 6353] close(3 [pid 5080] close(3 [pid 6353] <... close resumed>) = 0 [pid 6353] close(4 [pid 5080] <... close resumed>) = 0 [pid 6353] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6353] mkdir("./file0", 0777) = 0 [ 258.852766][ T6350] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 258.863880][ T6353] loop2: detected capacity change from 0 to 4096 [ 258.879506][ T6351] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 258.880151][ T6352] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 6354 attached [pid 6353] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6354] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6354 [pid 6351] <... mount resumed>) = 0 [pid 6351] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6351] chdir("./file0" [pid 6354] <... set_robust_list resumed>) = 0 [pid 6354] chdir("./249") = 0 [pid 6354] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6351] <... chdir resumed>) = 0 [pid 6351] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6354] <... prctl resumed>) = 0 [pid 6351] exit_group(0 [pid 6354] setpgid(0, 0 [pid 6350] <... mount resumed>) = 0 [pid 6351] <... exit_group resumed>) = ? [pid 6354] <... setpgid resumed>) = 0 [pid 6351] +++ exited with 0 +++ [pid 6354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6350] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6351, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 6350] <... openat resumed>) = 3 [pid 5076] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6350] chdir("./file0" [pid 6354] <... openat resumed>) = 3 [pid 6350] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6354] write(3, "1000", 4 [pid 6350] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6350] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6350] exit_group(0 [pid 5076] <... openat resumed>) = 3 [pid 6354] <... write resumed>) = 4 [pid 6350] <... exit_group resumed>) = ? [pid 5076] newfstatat(3, "", [pid 6354] close(3 [pid 6350] +++ exited with 0 +++ [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6354] <... close resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6350, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 6354] symlink("/dev/binderfs", "./binderfs" [pid 6352] <... mount resumed>) = 0 [ 258.927720][ T6353] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5076] getdents64(3, [pid 6352] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6354] <... symlink resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6352] <... openat resumed>) = 3 [pid 6352] chdir("./file0") = 0 [pid 5079] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6352] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6352] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6354] memfd_create("syzkaller", 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] newfstatat(AT_FDCWD, "./249/binderfs", [pid 5079] newfstatat(3, "", [pid 6354] <... memfd_create resumed>) = 3 [pid 6352] exit_group(0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./249/binderfs" [pid 5079] getdents64(3, [pid 6352] <... exit_group resumed>) = ? [pid 6354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6353] <... mount resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... unlink resumed>) = 0 [pid 5079] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6353] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6354] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./250/binderfs", [pid 6353] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6353] chdir("./file0" [pid 6352] +++ exited with 0 +++ [pid 5079] unlink("./250/binderfs" [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6352, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5076] <... umount2 resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 6353] <... chdir resumed>) = 0 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5079] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6353] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6353] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./249/file0", [pid 5077] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6353] exit_group(0 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] newfstatat(3, "", [pid 5076] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6353] <... exit_group resumed>) = ? [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5076] openat(AT_FDCWD, "./249/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6353] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6353, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... openat resumed>) = 4 [pid 5078] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(4, "", [pid 5078] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(3, "", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5077] newfstatat(AT_FDCWD, "./251/binderfs", [pid 5078] getdents64(3, [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] unlink("./251/binderfs" [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] rmdir("./249/file0" [pid 5079] newfstatat(AT_FDCWD, "./250/file0", [pid 5076] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(3, [pid 5078] newfstatat(AT_FDCWD, "./253/binderfs", [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] unlink("./253/binderfs" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./249" [pid 5079] openat(AT_FDCWD, "./250/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... unlink resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5078] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] mkdir("./250", 0777 [pid 5079] <... openat resumed>) = 4 [pid 5076] <... mkdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] ioctl(3, LOOP_CLR_FD) = 0 [pid 5076] close(3) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] getdents64(4, [pid 5078] newfstatat(AT_FDCWD, "./253/file0", [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] close(4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... close resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./253/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] rmdir("./250/file0") = 0 [pid 5077] newfstatat(AT_FDCWD, "./251/file0", ./strace-static-x86_64: Process 6355 attached [pid 5078] <... openat resumed>) = 4 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6355 [pid 6355] set_robust_list(0x555556d3f660, 24 [pid 5079] getdents64(3, [pid 5078] newfstatat(4, "", [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6355] <... set_robust_list resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6355] chdir("./250" [pid 6354] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] close(3 [pid 5078] getdents64(4, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6355] <... chdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] openat(AT_FDCWD, "./251/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] getdents64(4, [pid 5077] <... openat resumed>) = 4 [pid 6355] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] newfstatat(4, "", [pid 6355] <... prctl resumed>) = 0 [pid 5079] rmdir("./250" [pid 5078] close(4 [pid 6355] setpgid(0, 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6355] <... setpgid resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./253/file0" [pid 6355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... rmdir resumed>) = 0 [pid 5079] mkdir("./251", 0777 [pid 5077] getdents64(4, [pid 6355] <... openat resumed>) = 3 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6355] write(3, "1000", 4 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6355] <... write resumed>) = 4 [pid 5079] <... openat resumed>) = 3 [pid 5078] close(3 [pid 5077] getdents64(4, [pid 6355] close(3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6355] <... close resumed>) = 0 [pid 5078] rmdir("./253" [pid 5077] close(4 [pid 6355] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6355] <... symlink resumed>) = 0 [pid 5077] rmdir("./251/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 5078] mkdir("./254", 0777 [pid 5077] <... close resumed>) = 0 [pid 6355] memfd_create("syzkaller", 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] rmdir("./251" [pid 6355] <... memfd_create resumed>) = 3 [pid 5077] <... rmdir resumed>) = 0 [pid 6355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] mkdir("./252", 0777 [pid 6355] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... openat resumed>) = 3 [pid 5077] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6354] <... write resumed>) = 2097152 [pid 6354] munmap(0x7f3feae00000, 138412032) = 0 [pid 6354] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6354] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... ioctl resumed>) = 0 [pid 6354] <... ioctl resumed>) = 0 [pid 6354] close(3) = 0 [pid 6354] close(4) = 0 [pid 6354] mkdir("./file0", 0777) = 0 [pid 5079] close(3 [pid 6354] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] <... ioctl resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6355] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6356 ./strace-static-x86_64: Process 6356 attached [pid 5078] close(3 [pid 5077] <... ioctl resumed>) = 0 [pid 6356] set_robust_list(0x555556d3f660, 24 [pid 5078] <... close resumed>) = 0 [pid 5077] close(3 [pid 6356] <... set_robust_list resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6357 attached [pid 6356] chdir("./251" [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6357 [pid 6357] set_robust_list(0x555556d3f660, 24 [pid 6356] <... chdir resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6358 ./strace-static-x86_64: Process 6358 attached [pid 6357] <... set_robust_list resumed>) = 0 [ 259.203711][ T6354] loop4: detected capacity change from 0 to 4096 [ 259.243818][ T6354] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6356] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6358] set_robust_list(0x555556d3f660, 24 [pid 6357] chdir("./252" [pid 6356] <... prctl resumed>) = 0 [pid 6354] <... mount resumed>) = 0 [pid 6358] <... set_robust_list resumed>) = 0 [pid 6356] setpgid(0, 0 [pid 6358] chdir("./254" [pid 6357] <... chdir resumed>) = 0 [pid 6356] <... setpgid resumed>) = 0 [pid 6354] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6357] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6354] <... openat resumed>) = 3 [pid 6358] <... chdir resumed>) = 0 [pid 6357] <... prctl resumed>) = 0 [pid 6356] <... openat resumed>) = 3 [pid 6354] chdir("./file0") = 0 [pid 6356] write(3, "1000", 4 [pid 6357] setpgid(0, 0 [pid 6356] <... write resumed>) = 4 [pid 6354] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6358] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6357] <... setpgid resumed>) = 0 [pid 6356] close(3 [pid 6354] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6356] <... close resumed>) = 0 [pid 6358] <... prctl resumed>) = 0 [pid 6354] exit_group(0 [pid 6356] symlink("/dev/binderfs", "./binderfs" [pid 6358] setpgid(0, 0 [pid 6357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6356] <... symlink resumed>) = 0 [pid 6355] <... write resumed>) = 2097152 [pid 6354] <... exit_group resumed>) = ? [pid 6358] <... setpgid resumed>) = 0 [pid 6357] <... openat resumed>) = 3 [pid 6358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6358] write(3, "1000", 4) = 4 [pid 6357] write(3, "1000", 4 [pid 6355] munmap(0x7f3feae00000, 138412032 [pid 6358] close(3 [pid 6357] <... write resumed>) = 4 [pid 6356] memfd_create("syzkaller", 0 [pid 6358] <... close resumed>) = 0 [pid 6357] close(3 [pid 6356] <... memfd_create resumed>) = 3 [pid 6354] +++ exited with 0 +++ [pid 6358] symlink("/dev/binderfs", "./binderfs" [pid 6357] <... close resumed>) = 0 [pid 6356] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6354, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 6358] <... symlink resumed>) = 0 [pid 6357] symlink("/dev/binderfs", "./binderfs" [pid 6356] <... mmap resumed>) = 0x7f3feae00000 [pid 6355] <... munmap resumed>) = 0 [pid 6357] <... symlink resumed>) = 0 [pid 6355] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6358] memfd_create("syzkaller", 0 [pid 5080] umount2("./249", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6357] memfd_create("syzkaller", 0 [pid 6355] <... openat resumed>) = 4 [pid 5080] <... openat resumed>) = 3 [pid 6358] <... memfd_create resumed>) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] getdents64(3, [pid 6358] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./249/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./249/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./249/binderfs") = 0 [pid 5080] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6357] <... memfd_create resumed>) = 3 [pid 6355] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... umount2 resumed>) = 0 [pid 6357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./249/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./249/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./249/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6357] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./249/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./249") = 0 [pid 6355] <... ioctl resumed>) = 0 [pid 5080] mkdir("./250", 0777 [pid 6355] close(3) = 0 [pid 6355] close(4 [pid 5080] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6355] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6355] mkdir("./file0", 0777) = 0 [ 259.382166][ T6355] loop0: detected capacity change from 0 to 4096 [pid 6355] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6356] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6358] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 259.441977][ T6355] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6357] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6359 attached [pid 6359] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6359 [pid 6359] <... set_robust_list resumed>) = 0 [pid 6359] chdir("./250") = 0 [pid 6359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6359] setpgid(0, 0 [pid 6356] <... write resumed>) = 2097152 [pid 6359] <... setpgid resumed>) = 0 [pid 6359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6359] write(3, "1000", 4) = 4 [pid 6359] close(3) = 0 [pid 6359] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6359] memfd_create("syzkaller", 0 [pid 6358] <... write resumed>) = 2097152 [pid 6359] <... memfd_create resumed>) = 3 [pid 6356] munmap(0x7f3feae00000, 138412032 [pid 6359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6358] munmap(0x7f3feae00000, 138412032 [pid 6355] <... mount resumed>) = 0 [pid 6357] <... write resumed>) = 2097152 [pid 6355] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6357] munmap(0x7f3feae00000, 138412032 [pid 6359] <... mmap resumed>) = 0x7f3feae00000 [pid 6358] <... munmap resumed>) = 0 [pid 6357] <... munmap resumed>) = 0 [pid 6355] <... openat resumed>) = 3 [pid 6357] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6358] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6356] <... munmap resumed>) = 0 [pid 6355] chdir("./file0") = 0 [pid 6355] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6357] <... openat resumed>) = 4 [pid 6356] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6355] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6358] <... openat resumed>) = 4 [pid 6358] ioctl(4, LOOP_SET_FD, 3 [pid 6356] <... openat resumed>) = 4 [pid 6355] exit_group(0 [pid 6357] ioctl(4, LOOP_SET_FD, 3 [pid 6355] <... exit_group resumed>) = ? [pid 6356] ioctl(4, LOOP_SET_FD, 3 [pid 6358] <... ioctl resumed>) = 0 [pid 6357] <... ioctl resumed>) = 0 [pid 6355] +++ exited with 0 +++ [pid 6358] close(3 [pid 6357] close(3 [pid 6358] <... close resumed>) = 0 [pid 6358] close(4 [pid 6357] <... close resumed>) = 0 [pid 6358] <... close resumed>) = 0 [pid 6357] close(4 [pid 6358] mkdir("./file0", 0777) = 0 [pid 6357] <... close resumed>) = 0 [pid 6358] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6357] mkdir("./file0", 0777 [pid 6359] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6356] <... ioctl resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6355, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 6357] <... mkdir resumed>) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [ 259.583706][ T6358] loop2: detected capacity change from 0 to 4096 [ 259.593683][ T6357] loop1: detected capacity change from 0 to 4096 [ 259.600171][ T6356] loop3: detected capacity change from 0 to 4096 [ 259.621085][ T6358] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6357] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6356] close(3 [pid 5076] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6356] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6356] close(4 [pid 5076] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6356] <... close resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6356] mkdir("./file0", 0777) = 0 [pid 6356] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./250/binderfs") = 0 [pid 5076] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5076] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./250/file0", [pid 6358] <... mount resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 259.645214][ T6357] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 259.654635][ T6356] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6358] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./250/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6358] <... openat resumed>) = 3 [pid 5076] newfstatat(4, "", [pid 6358] chdir("./file0" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 6358] <... chdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6358] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5076] getdents64(4, [pid 6358] exit_group(0) = ? [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./250/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./250" [pid 6358] +++ exited with 0 +++ [pid 5076] <... rmdir resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6358, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5078] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", [pid 5076] mkdir("./251", 0777 [pid 6359] <... write resumed>) = 2097152 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 6359] munmap(0x7f3feae00000, 138412032 [pid 5078] getdents64(3, [pid 6356] <... mount resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6356] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 6356] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6356] chdir("./file0" [pid 5078] newfstatat(AT_FDCWD, "./254/binderfs", [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6356] <... chdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6356] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] unlink("./254/binderfs" [pid 6356] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... unlink resumed>) = 0 [pid 6356] exit_group(0 [pid 5078] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6356] <... exit_group resumed>) = ? [pid 6359] <... munmap resumed>) = 0 [pid 6357] <... mount resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 6359] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6357] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6359] <... openat resumed>) = 4 [pid 6357] chdir("./file0" [pid 6359] ioctl(4, LOOP_SET_FD, 3 [pid 6357] <... chdir resumed>) = 0 [pid 6356] +++ exited with 0 +++ [pid 6357] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./254/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./254/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6356, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6357] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] getdents64(4, [pid 6359] <... ioctl resumed>) = 0 [pid 6357] exit_group(0) = ? [pid 5079] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./254/file0" [pid 6359] close(3 [pid 6357] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6359] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6359] close(4) = 0 [pid 5079] <... openat resumed>) = 3 [pid 6359] mkdir("./file0", 0777 [pid 5079] newfstatat(3, "", [pid 6359] <... mkdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6357, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6359] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] getdents64(3, [pid 5078] getdents64(3, [pid 5077] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] close(3) = 0 [pid 5077] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] rmdir("./254") = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./252/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [ 259.777500][ T6359] loop4: detected capacity change from 0 to 4096 [pid 5077] unlink("./252/binderfs" [pid 5079] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... unlink resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] mkdir("./255", 0777 [pid 5077] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] newfstatat(AT_FDCWD, "./251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5079] unlink("./251/binderfs" [pid 5077] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./252/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./252/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./252/file0" [pid 5076] close(3 [pid 5079] <... umount2 resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./252" [pid 5079] newfstatat(AT_FDCWD, "./251/file0", [pid 5077] <... rmdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] mkdir("./253", 0777 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6360 [pid 5079] openat(AT_FDCWD, "./251/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] <... openat resumed>) = 3 [pid 5079] newfstatat(4, "", [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6360 attached [pid 5079] getdents64(4, [pid 6360] set_robust_list(0x555556d3f660, 24 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6360] <... set_robust_list resumed>) = 0 [ 259.829049][ T6359] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5079] getdents64(4, [pid 6360] chdir("./251" [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6360] <... chdir resumed>) = 0 [pid 5079] close(4) = 0 [pid 6360] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] rmdir("./251/file0" [pid 6360] <... prctl resumed>) = 0 [pid 6360] setpgid(0, 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6360] <... setpgid resumed>) = 0 [pid 6360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] getdents64(3, [pid 6360] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6360] write(3, "1000", 4) = 4 [pid 5079] close(3 [pid 6360] close(3) = 0 [pid 5079] <... close resumed>) = 0 [pid 6360] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5079] rmdir("./251" [pid 6360] memfd_create("syzkaller", 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6360] <... memfd_create resumed>) = 3 [pid 5079] mkdir("./252", 0777 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6360] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... mkdir resumed>) = 0 [pid 6360] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6361 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6361 attached [pid 6361] set_robust_list(0x555556d3f660, 24 [pid 5077] close(3 [pid 6361] <... set_robust_list resumed>) = 0 [pid 6361] chdir("./255" [pid 5077] <... close resumed>) = 0 [pid 6361] <... chdir resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6359] <... mount resumed>) = 0 [pid 6361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6361] setpgid(0, 0./strace-static-x86_64: Process 6362 attached ) = 0 [pid 6359] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6362 [pid 6362] set_robust_list(0x555556d3f660, 24 [pid 6361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6359] <... openat resumed>) = 3 [pid 6362] <... set_robust_list resumed>) = 0 [pid 6361] <... openat resumed>) = 3 [pid 6359] chdir("./file0" [pid 6362] chdir("./253" [pid 6361] write(3, "1000", 4) = 4 [pid 6361] close(3) = 0 [pid 6361] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6362] <... chdir resumed>) = 0 [pid 6359] <... chdir resumed>) = 0 [pid 6359] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6361] memfd_create("syzkaller", 0 [pid 5079] <... ioctl resumed>) = 0 [pid 6359] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6362] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6361] <... memfd_create resumed>) = 3 [pid 6362] setpgid(0, 0 [pid 6359] exit_group(0 [pid 5079] close(3 [pid 6362] <... setpgid resumed>) = 0 [pid 6361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6360] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6359] <... exit_group resumed>) = ? [pid 5079] <... close resumed>) = 0 [pid 6362] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6361] <... mmap resumed>) = 0x7f3feae00000 ./strace-static-x86_64: Process 6363 attached [pid 6362] <... openat resumed>) = 3 [pid 6359] +++ exited with 0 +++ [pid 6362] write(3, "1000", 4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6359, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6363 [pid 6363] set_robust_list(0x555556d3f660, 24 [pid 6362] <... write resumed>) = 4 [pid 6362] close(3 [pid 6363] <... set_robust_list resumed>) = 0 [pid 6362] <... close resumed>) = 0 [pid 6363] chdir("./252" [pid 6362] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] umount2("./250", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 6363] <... chdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6363] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6362] memfd_create("syzkaller", 0 [pid 5080] umount2("./250/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6363] <... prctl resumed>) = 0 [pid 6363] setpgid(0, 0) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6362] <... memfd_create resumed>) = 3 [pid 5080] newfstatat(AT_FDCWD, "./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./250/binderfs") = 0 [pid 5080] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6363] <... openat resumed>) = 3 [pid 6362] <... mmap resumed>) = 0x7f3feae00000 [pid 6360] <... write resumed>) = 2097152 [pid 5080] newfstatat(AT_FDCWD, "./250/file0", [pid 6363] write(3, "1000", 4) = 4 [pid 6363] close(3 [pid 6360] munmap(0x7f3feae00000, 138412032 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6363] <... close resumed>) = 0 [pid 6361] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] umount2("./250/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6363] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./250/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", [pid 6363] memfd_create("syzkaller", 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 6360] <... munmap resumed>) = 0 [pid 6363] <... memfd_create resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 6363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] rmdir("./250/file0" [pid 6360] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6363] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, [pid 6360] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 6360] ioctl(4, LOOP_SET_FD, 3 [pid 5080] rmdir("./250") = 0 [pid 5080] mkdir("./251", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6362] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6361] <... write resumed>) = 2097152 [pid 6360] <... ioctl resumed>) = 0 [pid 6361] munmap(0x7f3feae00000, 138412032 [pid 6360] close(3) = 0 [pid 6360] close(4 [pid 6363] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6361] <... munmap resumed>) = 0 [ 260.101921][ T6360] loop0: detected capacity change from 0 to 4096 [pid 6361] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6360] <... close resumed>) = 0 [pid 6361] <... openat resumed>) = 4 [pid 6361] ioctl(4, LOOP_SET_FD, 3 [pid 6360] mkdir("./file0", 0777) = 0 [pid 6360] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6363] <... write resumed>) = 2097152 [pid 6361] <... ioctl resumed>) = 0 [pid 6363] munmap(0x7f3feae00000, 138412032) = 0 [pid 6361] close(3) = 0 [pid 6361] close(4 [pid 6363] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6361] <... close resumed>) = 0 [pid 6361] mkdir("./file0", 0777 [pid 6363] <... openat resumed>) = 4 [pid 6361] <... mkdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [ 260.173750][ T6361] loop2: detected capacity change from 0 to 4096 [ 260.180798][ T6360] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6361] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6362] <... write resumed>) = 2097152 [pid 6363] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6364 [pid 6362] munmap(0x7f3feae00000, 138412032./strace-static-x86_64: Process 6364 attached [pid 6364] set_robust_list(0x555556d3f660, 24) = 0 [pid 6363] <... ioctl resumed>) = 0 [pid 6364] chdir("./251") = 0 [pid 6364] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6364] setpgid(0, 0) = 0 [pid 6364] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6363] close(3 [pid 6364] <... openat resumed>) = 3 [pid 6363] <... close resumed>) = 0 [pid 6362] <... munmap resumed>) = 0 [pid 6363] close(4) = 0 [pid 6363] mkdir("./file0", 0777) = 0 [pid 6364] write(3, "1000", 4 [ 260.230643][ T6361] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 260.241702][ T6363] loop3: detected capacity change from 0 to 4096 [pid 6363] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6364] <... write resumed>) = 4 [pid 6362] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6362] ioctl(4, LOOP_SET_FD, 3 [pid 6364] close(3) = 0 [pid 6364] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6364] memfd_create("syzkaller", 0 [pid 6361] <... mount resumed>) = 0 [pid 6364] <... memfd_create resumed>) = 3 [pid 6361] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6364] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6361] <... openat resumed>) = 3 [pid 6361] chdir("./file0") = 0 [pid 6364] <... mmap resumed>) = 0x7f3feae00000 [pid 6362] <... ioctl resumed>) = 0 [pid 6361] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6362] close(3) = 0 [pid 6361] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6360] <... mount resumed>) = 0 [pid 6361] exit_group(0 [pid 6362] close(4 [pid 6361] <... exit_group resumed>) = ? [ 260.283994][ T6363] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 260.292260][ T6362] loop1: detected capacity change from 0 to 4096 [pid 6362] <... close resumed>) = 0 [pid 6361] +++ exited with 0 +++ [pid 6362] mkdir("./file0", 0777) = 0 [pid 6360] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6361, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6360] <... openat resumed>) = 3 [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 6360] chdir("./file0" [pid 5078] <... restart_syscall resumed>) = 0 [pid 6360] <... chdir resumed>) = 0 [pid 6360] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5078] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6362] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6360] exit_group(0 [pid 5078] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6360] <... exit_group resumed>) = ? [pid 6363] <... mount resumed>) = 0 [pid 6360] +++ exited with 0 +++ [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./255/binderfs", [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6360, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 6363] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5078] unlink("./255/binderfs" [pid 5076] <... restart_syscall resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6363] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = 0 [pid 5076] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6363] chdir("./file0" [pid 5076] newfstatat(3, "", [pid 6363] <... chdir resumed>) = 0 [pid 6363] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6363] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 6363] exit_group(0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] newfstatat(AT_FDCWD, "./255/file0", [pid 5076] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6363] <... exit_group resumed>) = ? [pid 5078] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./251/binderfs", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] openat(AT_FDCWD, "./255/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] unlink("./251/binderfs" [pid 5078] <... openat resumed>) = 4 [pid 5076] <... unlink resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 5076] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6363] +++ exited with 0 +++ [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6363, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5078] getdents64(4, [pid 5076] <... umount2 resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./255/file0") = 0 [pid 6364] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, [pid 5076] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] close(3 [pid 5076] newfstatat(AT_FDCWD, "./251/file0", [pid 5079] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6362] <... mount resumed>) = 0 [pid 5079] newfstatat(3, "", [ 260.359512][ T6362] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5078] rmdir("./255" [pid 5076] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6362] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6362] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./251/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6362] chdir("./file0" [pid 5079] getdents64(3, [pid 5078] mkdir("./256", 0777 [pid 6362] <... chdir resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 6362] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6362] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6362] exit_group(0 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] getdents64(4, [pid 6362] <... exit_group resumed>) = ? [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6362] +++ exited with 0 +++ [pid 5079] newfstatat(AT_FDCWD, "./252/binderfs", [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] getdents64(4, [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6362, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5079] unlink("./252/binderfs" [pid 6364] <... write resumed>) = 2097152 [pid 5078] <... openat resumed>) = 3 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6364] munmap(0x7f3feae00000, 138412032 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] close(4 [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 6364] <... munmap resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./251/file0" [pid 6364] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", [pid 5076] <... rmdir resumed>) = 0 [pid 6364] <... openat resumed>) = 4 [pid 5079] newfstatat(AT_FDCWD, "./252/file0", [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6364] ioctl(4, LOOP_SET_FD, 3 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./253/binderfs") = 0 [pid 5077] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./251" [pid 6364] <... ioctl resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6364] close(3) = 0 [pid 5079] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./252/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] mkdir("./252", 0777 [pid 6364] close(4 [pid 5079] <... openat resumed>) = 4 [pid 5077] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... mkdir resumed>) = 0 [pid 5079] getdents64(4, [pid 5077] newfstatat(AT_FDCWD, "./253/file0", [pid 6364] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6364] mkdir("./file0", 0777 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... openat resumed>) = 3 [pid 6364] <... mkdir resumed>) = 0 [pid 5079] getdents64(4, [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6364] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 5077] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] rmdir("./252/file0" [pid 5077] openat(AT_FDCWD, "./253/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... rmdir resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", [pid 5079] getdents64(3, [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 260.480693][ T6364] loop4: detected capacity change from 0 to 4096 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] getdents64(4, [pid 5079] close(3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 5079] rmdir("./252" [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] close(4) = 0 [pid 5079] mkdir("./253", 0777 [pid 5077] rmdir("./253/file0" [pid 5079] <... mkdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] getdents64(3, [pid 5079] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] close(3) = 0 [pid 5077] rmdir("./253") = 0 [pid 5077] mkdir("./254", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6365 ./strace-static-x86_64: Process 6365 attached [pid 6365] set_robust_list(0x555556d3f660, 24) = 0 [ 260.530038][ T6364] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6365] chdir("./256") = 0 [pid 6365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6365] setpgid(0, 0) = 0 [pid 6365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6364] <... mount resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6365] write(3, "1000", 4 [pid 5079] <... ioctl resumed>) = 0 [pid 6365] <... write resumed>) = 4 [pid 6365] close(3 [pid 6364] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] close(3 [pid 6365] <... close resumed>) = 0 [pid 6364] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 6365] symlink("/dev/binderfs", "./binderfs" [pid 6364] chdir("./file0" [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6364] <... chdir resumed>) = 0 [pid 6365] <... symlink resumed>) = 0 [pid 6364] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6364] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6367 [pid 6364] exit_group(0 [pid 6365] memfd_create("syzkaller", 0 [pid 6364] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 6367 attached [pid 6367] set_robust_list(0x555556d3f660, 24) = 0 [pid 6367] chdir("./253") = 0 [pid 6367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6364] +++ exited with 0 +++ [pid 6367] setpgid(0, 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6364, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6366 [pid 6367] <... setpgid resumed>) = 0 [pid 6365] <... memfd_create resumed>) = 3 [pid 6367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6366 attached ) = 3 [pid 6365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] umount2("./251", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... ioctl resumed>) = 0 [pid 6366] set_robust_list(0x555556d3f660, 24 [pid 6367] write(3, "1000", 4 [pid 6365] <... mmap resumed>) = 0x7f3feae00000 [pid 6366] <... set_robust_list resumed>) = 0 [pid 6367] <... write resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] close(3 [pid 6366] chdir("./252" [pid 6367] close(3 [pid 6366] <... chdir resumed>) = 0 [pid 6367] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6367] symlink("/dev/binderfs", "./binderfs" [pid 6366] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... close resumed>) = 0 [pid 6366] <... prctl resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6367] <... symlink resumed>) = 0 [pid 6366] setpgid(0, 0) = 0 [pid 6366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6368 attached [pid 6366] <... openat resumed>) = 3 [pid 6367] memfd_create("syzkaller", 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6368 [pid 6368] set_robust_list(0x555556d3f660, 24 [pid 6366] write(3, "1000", 4 [pid 5080] newfstatat(3, "", [pid 6368] <... set_robust_list resumed>) = 0 [pid 6366] <... write resumed>) = 4 [pid 6367] <... memfd_create resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6368] chdir("./254" [pid 6366] close(3 [pid 5080] getdents64(3, [pid 6368] <... chdir resumed>) = 0 [pid 6366] <... close resumed>) = 0 [pid 6367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6368] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6366] symlink("/dev/binderfs", "./binderfs" [pid 6368] <... prctl resumed>) = 0 [pid 6366] <... symlink resumed>) = 0 [pid 6367] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] umount2("./251/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6368] setpgid(0, 0 [pid 6366] memfd_create("syzkaller", 0 [pid 6368] <... setpgid resumed>) = 0 [pid 6368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6366] <... memfd_create resumed>) = 3 [pid 6368] write(3, "1000", 4 [pid 6366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6368] <... write resumed>) = 4 [pid 6366] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] newfstatat(AT_FDCWD, "./251/binderfs", [pid 6368] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./251/binderfs" [pid 6368] <... close resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 6368] symlink("/dev/binderfs", "./binderfs" [pid 5080] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6368] <... symlink resumed>) = 0 [pid 6365] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./251/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./251/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6368] memfd_create("syzkaller", 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./251/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6368] <... memfd_create resumed>) = 3 [pid 6368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6368] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6367] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./251/file0" [pid 6366] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./251") = 0 [pid 6367] <... write resumed>) = 2097152 [pid 5080] mkdir("./252", 0777 [pid 6365] <... write resumed>) = 2097152 [pid 6367] munmap(0x7f3feae00000, 138412032 [pid 5080] <... mkdir resumed>) = 0 [pid 6365] munmap(0x7f3feae00000, 138412032 [pid 6368] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6366] <... write resumed>) = 2097152 [pid 6367] <... munmap resumed>) = 0 [pid 6365] <... munmap resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6366] munmap(0x7f3feae00000, 138412032 [pid 6365] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6366] <... munmap resumed>) = 0 [pid 6367] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6365] <... openat resumed>) = 4 [pid 5080] <... openat resumed>) = 3 [pid 6366] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6367] <... openat resumed>) = 4 [pid 6365] ioctl(4, LOOP_SET_FD, 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6368] <... write resumed>) = 2097152 [pid 6368] munmap(0x7f3feae00000, 138412032 [pid 6366] <... openat resumed>) = 4 [pid 6367] ioctl(4, LOOP_SET_FD, 3 [pid 6365] <... ioctl resumed>) = 0 [pid 6366] ioctl(4, LOOP_SET_FD, 3 [pid 6368] <... munmap resumed>) = 0 [pid 6366] <... ioctl resumed>) = 0 [pid 6367] <... ioctl resumed>) = 0 [pid 6365] close(3 [pid 6366] close(3 [pid 6368] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6367] close(3 [pid 6365] <... close resumed>) = 0 [pid 6366] <... close resumed>) = 0 [pid 6366] close(4 [pid 6368] <... openat resumed>) = 4 [pid 6366] <... close resumed>) = 0 [pid 6366] mkdir("./file0", 0777) = 0 [pid 6367] <... close resumed>) = 0 [pid 6366] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6367] close(4 [pid 6365] close(4 [pid 6368] ioctl(4, LOOP_SET_FD, 3 [pid 6367] <... close resumed>) = 0 [pid 6365] <... close resumed>) = 0 [ 260.886350][ T6365] loop2: detected capacity change from 0 to 4096 [ 260.894455][ T6367] loop3: detected capacity change from 0 to 4096 [ 260.901652][ T6366] loop0: detected capacity change from 0 to 4096 [ 260.922741][ T6366] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6367] mkdir("./file0", 0777 [pid 6365] mkdir("./file0", 0777) = 0 [pid 6367] <... mkdir resumed>) = 0 [pid 6367] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6368] <... ioctl resumed>) = 0 [pid 6365] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6368] close(3) = 0 [pid 6368] close(4) = 0 [pid 6368] mkdir("./file0", 0777) = 0 [pid 6368] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6366] <... mount resumed>) = 0 [pid 6366] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6366] chdir("./file0") = 0 [pid 6366] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6366] exit_group(0) = ? [pid 5080] <... ioctl resumed>) = 0 [ 260.933741][ T6368] loop1: detected capacity change from 0 to 4096 [ 260.946529][ T6365] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 260.956618][ T6367] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 260.971058][ T6368] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] close(3 [pid 6366] +++ exited with 0 +++ [pid 5080] <... close resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6366, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6369 attached [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6369 [pid 5076] <... openat resumed>) = 3 [pid 6369] set_robust_list(0x555556d3f660, 24 [pid 6368] <... mount resumed>) = 0 [pid 6369] <... set_robust_list resumed>) = 0 [pid 5076] newfstatat(3, "", [pid 6369] chdir("./252" [pid 6368] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6369] <... chdir resumed>) = 0 [pid 6368] <... openat resumed>) = 3 [pid 6365] <... mount resumed>) = 0 [pid 5076] getdents64(3, [pid 6365] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6369] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6368] chdir("./file0" [pid 6365] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6369] <... prctl resumed>) = 0 [pid 6368] <... chdir resumed>) = 0 [pid 6365] chdir("./file0" [pid 6369] setpgid(0, 0 [pid 6368] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6365] <... chdir resumed>) = 0 [pid 5076] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6369] <... setpgid resumed>) = 0 [pid 6368] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6365] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] newfstatat(AT_FDCWD, "./252/binderfs", [pid 6368] exit_group(0 [pid 6365] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6369] <... openat resumed>) = 3 [pid 6368] <... exit_group resumed>) = ? [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6365] exit_group(0 [pid 5076] unlink("./252/binderfs" [pid 6369] write(3, "1000", 4 [pid 6368] +++ exited with 0 +++ [pid 6367] <... mount resumed>) = 0 [pid 6365] <... exit_group resumed>) = ? [pid 6369] <... write resumed>) = 4 [pid 6367] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... unlink resumed>) = 0 [pid 6369] close(3 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6368, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5076] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6369] <... close resumed>) = 0 [pid 6367] <... openat resumed>) = 3 [pid 6369] symlink("/dev/binderfs", "./binderfs" [pid 6367] chdir("./file0" [pid 5077] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6367] <... chdir resumed>) = 0 [pid 6367] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6369] <... symlink resumed>) = 0 [pid 6367] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6369] memfd_create("syzkaller", 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5076] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(3, "", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(AT_FDCWD, "./252/file0", [pid 6367] exit_group(0 [pid 5077] getdents64(3, [pid 6369] <... memfd_create resumed>) = 3 [pid 6367] <... exit_group resumed>) = ? [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6369] <... mmap resumed>) = 0x7f3feae00000 [pid 6367] +++ exited with 0 +++ [pid 6365] +++ exited with 0 +++ [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./254/binderfs", [pid 5076] openat(AT_FDCWD, "./252/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6365, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6367, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5078] <... restart_syscall resumed>) = 0 [pid 5077] unlink("./254/binderfs" [pid 5076] newfstatat(4, "", [pid 5077] <... unlink resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5078] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(4, [pid 5079] <... openat resumed>) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... umount2 resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] close(4 [pid 5079] unlink("./253/binderfs" [pid 5078] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5078] newfstatat(3, "", [pid 5076] rmdir("./252/file0" [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5076] getdents64(3, [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6369] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] close(3 [pid 5078] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./252") = 0 [pid 5078] newfstatat(AT_FDCWD, "./256/binderfs", [pid 5076] mkdir("./253", 0777 [pid 5079] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./253/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] unlink("./256/binderfs" [pid 5076] <... mkdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./253/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", [pid 5078] <... unlink resumed>) = 0 [pid 5077] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./253/file0") = 0 [pid 5077] newfstatat(AT_FDCWD, "./254/file0", [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] getdents64(3, [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3 [pid 5077] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] rmdir("./253") = 0 [pid 5077] openat(AT_FDCWD, "./254/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] mkdir("./254", 0777 [pid 5077] <... openat resumed>) = 4 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] newfstatat(4, "", [pid 5078] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(4, [pid 5078] newfstatat(AT_FDCWD, "./256/file0", [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... ioctl resumed>) = 0 [pid 5077] getdents64(4, [pid 5079] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6369] <... write resumed>) = 2097152 [pid 5079] <... close resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./256/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] close(4 [pid 6369] munmap(0x7f3feae00000, 138412032 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... openat resumed>) = 4 [pid 5077] <... close resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 5077] rmdir("./254/file0" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5078] getdents64(4, [pid 5077] getdents64(3, [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(4, [pid 5077] close(3 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... close resumed>) = 0 [pid 5078] close(4 [pid 5077] rmdir("./254" [pid 5078] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6370 attached [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6370 [pid 5078] rmdir("./256/file0" [pid 5077] mkdir("./255", 0777 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5078] close(3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6370] set_robust_list(0x555556d3f660, 24 [pid 5078] <... close resumed>) = 0 [pid 6370] <... set_robust_list resumed>) = 0 [pid 6369] <... munmap resumed>) = 0 [pid 5078] rmdir("./256" [pid 5077] <... ioctl resumed>) = 0 [pid 6370] chdir("./254" [pid 5078] <... rmdir resumed>) = 0 [pid 5077] close(3 [pid 6370] <... chdir resumed>) = 0 [pid 6370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6369] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] mkdir("./257", 0777 [pid 5077] <... close resumed>) = 0 [pid 6370] setpgid(0, 0 [pid 6369] <... openat resumed>) = 4 [ 261.190551][ T5089] I/O error, dev loop0, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6370] <... setpgid resumed>) = 0 [pid 6369] ioctl(4, LOOP_SET_FD, 3 [pid 6370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6371 [pid 6370] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6371 attached [pid 6370] write(3, "1000", 4) = 4 [pid 6370] close(3 [pid 6371] set_robust_list(0x555556d3f660, 24 [pid 6370] <... close resumed>) = 0 [pid 6370] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6371] <... set_robust_list resumed>) = 0 [pid 6370] <... symlink resumed>) = 0 [pid 6369] <... ioctl resumed>) = 0 [pid 6369] close(3 [pid 6370] memfd_create("syzkaller", 0 [pid 6371] chdir("./255" [pid 6369] <... close resumed>) = 0 [pid 6371] <... chdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6371] setpgid(0, 0) = 0 [pid 6369] close(4 [pid 5076] close(3 [pid 6369] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6369] mkdir("./file0", 0777 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6371] write(3, "1000", 4) = 4 [pid 6371] close(3) = 0 [ 261.236466][ T6369] loop4: detected capacity change from 0 to 4096 [pid 6371] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6369] <... mkdir resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6372 ./strace-static-x86_64: Process 6372 attached [pid 6372] set_robust_list(0x555556d3f660, 24 [pid 6371] memfd_create("syzkaller", 0 [pid 6370] <... memfd_create resumed>) = 3 [pid 6370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6371] <... memfd_create resumed>) = 3 [pid 6372] <... set_robust_list resumed>) = 0 [pid 6369] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6372] chdir("./253") = 0 [pid 6372] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6372] setpgid(0, 0) = 0 [pid 6372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6372] write(3, "1000", 4) = 4 [pid 6372] close(3) = 0 [pid 6372] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6372] memfd_create("syzkaller", 0) = 3 [pid 6372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [ 261.313679][ T6369] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6370] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... ioctl resumed>) = 0 [pid 6371] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6373 attached [pid 6373] set_robust_list(0x555556d3f660, 24) = 0 [pid 6373] chdir("./257" [pid 6369] <... mount resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6373 [pid 6373] <... chdir resumed>) = 0 [pid 6369] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6373] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6369] <... openat resumed>) = 3 [pid 6373] <... prctl resumed>) = 0 [pid 6369] chdir("./file0" [pid 6373] setpgid(0, 0 [pid 6369] <... chdir resumed>) = 0 [pid 6369] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6373] <... setpgid resumed>) = 0 [pid 6369] exit_group(0 [pid 6373] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6372] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6369] <... exit_group resumed>) = ? [pid 6373] <... openat resumed>) = 3 [pid 6373] write(3, "1000", 4 [pid 6369] +++ exited with 0 +++ [pid 6373] <... write resumed>) = 4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6369, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5080] umount2("./252", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6373] close(3 [pid 5080] <... openat resumed>) = 3 [pid 6373] <... close resumed>) = 0 [pid 6370] <... write resumed>) = 2097152 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6373] symlink("/dev/binderfs", "./binderfs" [pid 6371] <... write resumed>) = 2097152 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./252/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6373] <... symlink resumed>) = 0 [pid 6371] munmap(0x7f3feae00000, 138412032 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./252/binderfs", [pid 6370] munmap(0x7f3feae00000, 138412032 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6373] memfd_create("syzkaller", 0 [pid 6371] <... munmap resumed>) = 0 [pid 6370] <... munmap resumed>) = 0 [pid 5080] unlink("./252/binderfs") = 0 [pid 5080] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6373] <... memfd_create resumed>) = 3 [pid 6371] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... umount2 resumed>) = 0 [pid 6373] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6371] <... openat resumed>) = 4 [pid 6373] <... mmap resumed>) = 0x7f3feae00000 [pid 6371] ioctl(4, LOOP_SET_FD, 3 [pid 5080] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./252/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./252/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./252/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6370] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] getdents64(4, [pid 6370] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6370] ioctl(4, LOOP_SET_FD, 3 [pid 5080] close(4) = 0 [pid 5080] rmdir("./252/file0" [pid 6371] <... ioctl resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6371] close(3) = 0 [pid 6371] close(4) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./252") = 0 [pid 5080] mkdir("./253", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6372] <... write resumed>) = 2097152 [pid 6371] mkdir("./file0", 0777 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6371] <... mkdir resumed>) = 0 [pid 6371] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6370] <... ioctl resumed>) = 0 [ 261.535529][ T6371] loop1: detected capacity change from 0 to 4096 [ 261.546809][ T6370] loop3: detected capacity change from 0 to 4096 [pid 6370] close(3) = 0 [pid 6370] close(4) = 0 [pid 6370] mkdir("./file0", 0777) = 0 [pid 6370] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6372] munmap(0x7f3feae00000, 138412032) = 0 [pid 6373] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6372] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... ioctl resumed>) = 0 [pid 6372] <... ioctl resumed>) = 0 [ 261.582536][ T6371] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 261.594601][ T6370] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 261.618393][ T6372] loop0: detected capacity change from 0 to 4096 [pid 5080] close(3 [pid 6372] close(3) = 0 [pid 6372] close(4) = 0 [pid 6372] mkdir("./file0", 0777) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6372] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6371] <... mount resumed>) = 0 [pid 6373] <... write resumed>) = 2097152 [pid 6370] <... mount resumed>) = 0 ./strace-static-x86_64: Process 6374 attached [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6374 [pid 6374] set_robust_list(0x555556d3f660, 24) = 0 [pid 6374] chdir("./253") = 0 [pid 6370] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6374] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6370] <... openat resumed>) = 3 [pid 6374] setpgid(0, 0 [pid 6371] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6374] <... setpgid resumed>) = 0 [pid 6373] munmap(0x7f3feae00000, 138412032 [pid 6370] chdir("./file0" [pid 6374] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6370] <... chdir resumed>) = 0 [pid 6370] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6371] <... openat resumed>) = 3 [pid 6374] <... openat resumed>) = 3 [pid 6371] chdir("./file0" [pid 6370] exit_group(0 [pid 6371] <... chdir resumed>) = 0 [pid 6371] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6370] <... exit_group resumed>) = ? [pid 6374] write(3, "1000", 4 [pid 6373] <... munmap resumed>) = 0 [pid 6371] exit_group(0 [pid 6374] <... write resumed>) = 4 [pid 6371] <... exit_group resumed>) = ? [pid 6374] close(3 [pid 6371] +++ exited with 0 +++ [pid 6374] <... close resumed>) = 0 [pid 6373] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6374] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6373] <... openat resumed>) = 4 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6371, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [ 261.690988][ T6372] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 6373] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5077] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6370] +++ exited with 0 +++ [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6370, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 6374] memfd_create("syzkaller", 0 [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5077] <... openat resumed>) = 3 [pid 5079] <... restart_syscall resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 6374] <... memfd_create resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6374] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6374] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] <... openat resumed>) = 3 [pid 5077] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(3, "", [pid 5077] newfstatat(AT_FDCWD, "./255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5077] unlink("./255/binderfs" [pid 6372] <... mount resumed>) = 0 [pid 6372] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... unlink resumed>) = 0 [pid 6372] <... openat resumed>) = 3 [pid 5079] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6373] <... ioctl resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./254/binderfs", [pid 6373] close(3 [pid 6372] chdir("./file0" [pid 6373] <... close resumed>) = 0 [pid 6373] close(4) = 0 [pid 6372] <... chdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6373] mkdir("./file0", 0777 [pid 6372] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] unlink("./254/binderfs" [pid 6373] <... mkdir resumed>) = 0 [pid 5077] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6372] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... unlink resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6372] exit_group(0 [pid 5079] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./255/file0", [pid 6372] <... exit_group resumed>) = ? [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 261.739215][ T6373] loop2: detected capacity change from 0 to 4096 [pid 5077] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6373] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./255/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", [pid 6372] +++ exited with 0 +++ [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6372, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=10 /* 0.10 s */} --- [pid 5076] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] getdents64(4, [pid 5076] unlink("./253/binderfs") = 0 [pid 5076] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 5079] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] rmdir("./255/file0" [pid 5076] <... umount2 resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./254/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5079] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6374] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] openat(AT_FDCWD, "./254/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] close(3 [pid 5079] <... openat resumed>) = 4 [pid 5077] <... close resumed>) = 0 [pid 5076] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] newfstatat(4, "", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] rmdir("./255" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(AT_FDCWD, "./253/file0", [pid 5079] getdents64(4, [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./253/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] mkdir("./256", 0777 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, [pid 5077] <... mkdir resumed>) = 0 [pid 5076] getdents64(4, [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 5076] close(4 [pid 5079] <... close resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5079] rmdir("./254/file0" [ 261.799996][ T6373] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5076] rmdir("./253/file0") = 0 [pid 5076] getdents64(3, [pid 6373] <... mount resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3 [pid 6374] <... write resumed>) = 2097152 [pid 6373] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6374] munmap(0x7f3feae00000, 138412032 [pid 6373] <... openat resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 6373] chdir("./file0" [pid 5079] rmdir("./254" [pid 5076] close(3 [pid 6373] <... chdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6373] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] mkdir("./255", 0777 [pid 6373] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] rmdir("./253" [pid 6373] exit_group(0 [pid 5076] <... rmdir resumed>) = 0 [pid 6373] <... exit_group resumed>) = ? [pid 6374] <... munmap resumed>) = 0 [pid 6373] +++ exited with 0 +++ [pid 5079] <... mkdir resumed>) = 0 [pid 5076] mkdir("./254", 0777 [pid 6374] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6373, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6374] <... openat resumed>) = 4 [pid 5076] <... mkdir resumed>) = 0 [pid 6374] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6374] <... ioctl resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6374] close(3) = 0 [pid 6374] close(4 [pid 5078] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 6374] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6374] mkdir("./file0", 0777 [pid 5078] newfstatat(AT_FDCWD, "./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6374] <... mkdir resumed>) = 0 [pid 6374] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] unlink("./257/binderfs") = 0 [pid 5078] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./257/file0", [pid 5077] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./257/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 261.908985][ T6374] loop4: detected capacity change from 0 to 4096 [ 261.943339][ T6374] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./257/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./257"./strace-static-x86_64: Process 6375 attached ) = 0 [pid 6375] set_robust_list(0x555556d3f660, 24 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6375 [pid 6375] <... set_robust_list resumed>) = 0 [pid 6375] chdir("./256") = 0 [pid 6375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6375] setpgid(0, 0) = 0 [pid 6375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] mkdir("./258", 0777 [pid 6375] write(3, "1000", 4 [pid 5078] <... mkdir resumed>) = 0 [pid 6375] <... write resumed>) = 4 [pid 6375] close(3) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6375] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] <... ioctl resumed>) = 0 [pid 6375] memfd_create("syzkaller", 0 [pid 6374] <... mount resumed>) = 0 [pid 5079] close(3 [pid 5076] <... ioctl resumed>) = 0 [pid 6375] <... memfd_create resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 6375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6374] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] close(3 [pid 6375] <... mmap resumed>) = 0x7f3feae00000 [pid 6374] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 6374] chdir("./file0" [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6376 [pid 6374] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6376 attached [pid 6376] set_robust_list(0x555556d3f660, 24) = 0 [pid 6374] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6377 [pid 6376] chdir("./255" [pid 6374] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6377 attached [pid 6376] <... chdir resumed>) = 0 [pid 6374] exit_group(0 [pid 6376] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6376] setpgid(0, 0 [pid 6377] set_robust_list(0x555556d3f660, 24 [pid 6374] <... exit_group resumed>) = ? [pid 6377] <... set_robust_list resumed>) = 0 [pid 6377] chdir("./254" [pid 6376] <... setpgid resumed>) = 0 [pid 6377] <... chdir resumed>) = 0 [pid 6376] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6377] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6376] <... openat resumed>) = 3 [pid 6374] +++ exited with 0 +++ [pid 6377] <... prctl resumed>) = 0 [pid 6377] setpgid(0, 0 [pid 6376] write(3, "1000", 4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6374, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6376] <... write resumed>) = 4 [pid 6376] close(3 [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 6377] <... setpgid resumed>) = 0 [pid 6376] <... close resumed>) = 0 [pid 6377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6376] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... restart_syscall resumed>) = 0 [pid 6376] <... symlink resumed>) = 0 [pid 6376] memfd_create("syzkaller", 0 [pid 6377] <... openat resumed>) = 3 [pid 6377] write(3, "1000", 4) = 4 [pid 6376] <... memfd_create resumed>) = 3 [pid 6377] close(3 [pid 6375] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] umount2("./253", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6377] <... close resumed>) = 0 [pid 6377] symlink("/dev/binderfs", "./binderfs" [pid 6376] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6377] <... symlink resumed>) = 0 [pid 6376] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6377] memfd_create("syzkaller", 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] getdents64(3, [pid 6377] <... memfd_create resumed>) = 3 [pid 6377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./253/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6377] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6378 attached [pid 5080] newfstatat(AT_FDCWD, "./253/binderfs", [pid 6378] set_robust_list(0x555556d3f660, 24 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6378 [pid 6378] <... set_robust_list resumed>) = 0 [pid 5080] unlink("./253/binderfs") = 0 [pid 6378] chdir("./258") = 0 [pid 5080] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6378] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6378] setpgid(0, 0) = 0 [pid 6378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6378] write(3, "1000", 4) = 4 [pid 6378] close(3) = 0 [pid 6378] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6376] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6378] memfd_create("syzkaller", 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6378] <... memfd_create resumed>) = 3 [pid 6377] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6375] <... write resumed>) = 2097152 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./253/file0", [pid 6378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6375] munmap(0x7f3feae00000, 138412032 [pid 5080] umount2("./253/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./253/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6375] <... munmap resumed>) = 0 [pid 5080] getdents64(4, [pid 6375] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6375] <... openat resumed>) = 4 [pid 5080] close(4) = 0 [pid 6375] ioctl(4, LOOP_SET_FD, 3 [pid 5080] rmdir("./253/file0" [pid 6376] <... write resumed>) = 2097152 [pid 6376] munmap(0x7f3feae00000, 138412032 [pid 5080] <... rmdir resumed>) = 0 [pid 6378] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] getdents64(3, [pid 6377] <... write resumed>) = 2097152 [pid 6376] <... munmap resumed>) = 0 [pid 6375] <... ioctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6377] munmap(0x7f3feae00000, 138412032 [pid 6376] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6375] close(3 [pid 5080] close(3) = 0 [pid 5080] rmdir("./253" [pid 6376] <... openat resumed>) = 4 [pid 6375] <... close resumed>) = 0 [ 262.280195][ T6375] loop1: detected capacity change from 0 to 4096 [pid 6375] close(4 [pid 6376] ioctl(4, LOOP_SET_FD, 3 [pid 6375] <... close resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6378] <... write resumed>) = 2097152 [pid 6377] <... munmap resumed>) = 0 [pid 5080] mkdir("./254", 0777 [pid 6378] munmap(0x7f3feae00000, 138412032 [pid 6377] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6375] mkdir("./file0", 0777 [pid 6377] <... openat resumed>) = 4 [pid 6375] <... mkdir resumed>) = 0 [pid 6377] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... mkdir resumed>) = 0 [pid 6378] <... munmap resumed>) = 0 [pid 6377] <... ioctl resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6375] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] <... openat resumed>) = 3 [pid 6378] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6376] <... ioctl resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6376] close(3) = 0 [pid 6376] close(4 [pid 6378] <... openat resumed>) = 4 [pid 6376] <... close resumed>) = 0 [pid 6378] ioctl(4, LOOP_SET_FD, 3 [pid 6376] mkdir("./file0", 0777 [pid 6377] close(3) = 0 [pid 6377] close(4) = 0 [pid 6377] mkdir("./file0", 0777) = 0 [ 262.326412][ T6376] loop3: detected capacity change from 0 to 4096 [ 262.340727][ T6377] loop0: detected capacity change from 0 to 4096 [ 262.352495][ T6375] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 262.367046][ T6378] loop2: detected capacity change from 0 to 4096 [pid 6377] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6376] <... mkdir resumed>) = 0 [pid 6376] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6378] <... ioctl resumed>) = 0 [pid 6378] close(3) = 0 [pid 6378] close(4) = 0 [pid 6378] mkdir("./file0", 0777) = 0 [ 262.376246][ T6377] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 262.393202][ T6376] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6378] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6379 attached , child_tidptr=0x555556d3f650) = 6379 [ 262.429711][ T6378] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6379] set_robust_list(0x555556d3f660, 24) = 0 [pid 6378] <... mount resumed>) = 0 [pid 6375] <... mount resumed>) = 0 [pid 6378] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6379] chdir("./254" [pid 6375] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6378] <... openat resumed>) = 3 [pid 6379] <... chdir resumed>) = 0 [pid 6378] chdir("./file0" [pid 6379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6378] <... chdir resumed>) = 0 [pid 6379] setpgid(0, 0 [pid 6378] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6377] <... mount resumed>) = 0 [pid 6375] <... openat resumed>) = 3 [pid 6379] <... setpgid resumed>) = 0 [pid 6378] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6378] exit_group(0 [pid 6377] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6376] <... mount resumed>) = 0 [pid 6375] chdir("./file0" [pid 6379] <... openat resumed>) = 3 [pid 6378] <... exit_group resumed>) = ? [pid 6377] <... openat resumed>) = 3 [pid 6376] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6375] <... chdir resumed>) = 0 [pid 6379] write(3, "1000", 4 [pid 6377] chdir("./file0" [pid 6376] <... openat resumed>) = 3 [pid 6375] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6377] <... chdir resumed>) = 0 [pid 6376] chdir("./file0" [pid 6375] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6379] <... write resumed>) = 4 [pid 6379] close(3 [pid 6378] +++ exited with 0 +++ [pid 6377] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6376] <... chdir resumed>) = 0 [pid 6375] exit_group(0 [pid 6377] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6376] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6375] <... exit_group resumed>) = ? [pid 6379] <... close resumed>) = 0 [pid 6376] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6378, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6379] symlink("/dev/binderfs", "./binderfs" [pid 6377] exit_group(0 [pid 6376] exit_group(0 [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6379] <... symlink resumed>) = 0 [pid 6377] <... exit_group resumed>) = ? [pid 6376] <... exit_group resumed>) = ? [pid 6375] +++ exited with 0 +++ [pid 6379] memfd_create("syzkaller", 0 [pid 6377] +++ exited with 0 +++ [pid 6376] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6376, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=10 /* 0.10 s */} --- [pid 5078] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6375, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6377, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... restart_syscall resumed>) = 0 [pid 6379] <... memfd_create resumed>) = 3 [pid 5079] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5076] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] newfstatat(3, "", [pid 5077] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6379] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(3, "", [pid 5078] getdents64(3, [pid 5077] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5078] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(3, "", [pid 5076] newfstatat(3, "", [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(AT_FDCWD, "./258/binderfs", [pid 5077] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] unlink("./258/binderfs" [pid 5077] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5079] newfstatat(AT_FDCWD, "./255/binderfs", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... unlink resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./256/binderfs", [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] unlink("./255/binderfs" [pid 5078] <... umount2 resumed>) = 0 [pid 5077] unlink("./256/binderfs" [pid 5079] <... unlink resumed>) = 0 [pid 5078] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... unlink resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./258/file0", [pid 5076] newfstatat(AT_FDCWD, "./254/binderfs", [pid 5077] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] unlink("./254/binderfs" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5077] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./256/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] openat(AT_FDCWD, "./258/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(4, "", [pid 5077] openat(AT_FDCWD, "./256/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./255/file0", [pid 5078] getdents64(4, [pid 5077] newfstatat(4, "", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6379] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./256/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./256" [pid 5078] getdents64(4, [pid 5077] <... rmdir resumed>) = 0 [pid 5079] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] mkdir("./257", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] close(4 [pid 5076] newfstatat(AT_FDCWD, "./254/file0", [pid 5079] openat(AT_FDCWD, "./255/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] rmdir("./258/file0" [pid 5079] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(4, "", [pid 5078] <... rmdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./254/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 5076] <... openat resumed>) = 4 [pid 5079] getdents64(4, [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] newfstatat(4, "", [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] close(3 [pid 5079] getdents64(4, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... close resumed>) = 0 [pid 5079] close(4 [pid 5078] rmdir("./258" [pid 5076] getdents64(4, [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./255/file0" [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] mkdir("./259", 0777 [pid 5076] getdents64(4, [pid 5079] <... rmdir resumed>) = 0 [pid 6379] <... write resumed>) = 2097152 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6379] munmap(0x7f3feae00000, 138412032 [pid 5079] getdents64(3, [pid 5076] close(4) = 0 [pid 5076] rmdir("./254/file0" [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3 [pid 5078] <... openat resumed>) = 3 [pid 5076] close(3 [pid 6379] <... munmap resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... close resumed>) = 0 [pid 6379] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] rmdir("./255" [pid 5076] rmdir("./254" [pid 6379] <... openat resumed>) = 4 [pid 6379] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6380 attached , child_tidptr=0x555556d3f650) = 6380 [pid 6380] set_robust_list(0x555556d3f660, 24 [pid 6379] <... ioctl resumed>) = 0 [pid 5079] mkdir("./256", 0777 [pid 5076] mkdir("./255", 0777 [pid 6380] <... set_robust_list resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 6380] chdir("./257") = 0 [pid 6379] close(3 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... mkdir resumed>) = 0 [pid 6380] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6379] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6380] <... prctl resumed>) = 0 [pid 6379] close(4 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] <... openat resumed>) = 3 [pid 6380] setpgid(0, 0 [pid 6379] <... close resumed>) = 0 [pid 6380] <... setpgid resumed>) = 0 [pid 6379] mkdir("./file0", 0777 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6379] <... mkdir resumed>) = 0 [pid 6380] write(3, "1000", 4) = 4 [pid 6380] close(3) = 0 [pid 6380] symlink("/dev/binderfs", "./binderfs" [pid 6379] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6380] <... symlink resumed>) = 0 [pid 6380] memfd_create("syzkaller", 0) = 3 [pid 6380] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [ 262.728000][ T6379] loop4: detected capacity change from 0 to 4096 [ 262.766956][ T6379] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6379] <... mount resumed>) = 0 [pid 6379] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6379] chdir("./file0") = 0 [pid 6379] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6379] exit_group(0 [pid 5078] <... ioctl resumed>) = 0 [pid 6379] <... exit_group resumed>) = ? [pid 5078] close(3) = 0 [pid 6379] +++ exited with 0 +++ [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6379, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5080] umount2("./254", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6381 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6381 attached [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6381] set_robust_list(0x555556d3f660, 24 [pid 5080] umount2("./254/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6381] <... set_robust_list resumed>) = 0 [pid 6380] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] newfstatat(AT_FDCWD, "./254/binderfs", [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6381] chdir("./259" [pid 5080] unlink("./254/binderfs" [pid 5079] close(3 [pid 5076] close(3) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 6381] <... chdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6382 attached [pid 6381] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6382] set_robust_list(0x555556d3f660, 24 [pid 6381] <... prctl resumed>) = 0 [pid 6382] <... set_robust_list resumed>) = 0 [pid 6381] setpgid(0, 0 [pid 5080] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6382 ./strace-static-x86_64: Process 6383 attached [pid 6382] chdir("./255" [pid 6381] <... setpgid resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6383 [pid 6383] set_robust_list(0x555556d3f660, 24 [pid 6382] <... chdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 6383] <... set_robust_list resumed>) = 0 [pid 6382] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6381] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6383] chdir("./256" [pid 6382] <... prctl resumed>) = 0 [pid 6383] <... chdir resumed>) = 0 [pid 6382] setpgid(0, 0 [pid 6383] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6382] <... setpgid resumed>) = 0 [pid 6383] <... prctl resumed>) = 0 [pid 6382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6381] <... openat resumed>) = 3 [pid 5080] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6383] setpgid(0, 0 [pid 6381] write(3, "1000", 4 [pid 6383] <... setpgid resumed>) = 0 [pid 6381] <... write resumed>) = 4 [pid 6383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6382] <... openat resumed>) = 3 [pid 6381] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6383] <... openat resumed>) = 3 [pid 6382] write(3, "1000", 4 [pid 6381] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./254/file0", [pid 6382] <... write resumed>) = 4 [pid 6381] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6383] write(3, "1000", 4 [pid 6382] close(3 [pid 6381] <... symlink resumed>) = 0 [pid 5080] umount2("./254/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6383] <... write resumed>) = 4 [pid 6382] <... close resumed>) = 0 [pid 6381] memfd_create("syzkaller", 0 [pid 6380] <... write resumed>) = 2097152 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6383] close(3) = 0 [pid 5080] openat(AT_FDCWD, "./254/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6383] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... openat resumed>) = 4 [pid 6383] <... symlink resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 6383] memfd_create("syzkaller", 0 [pid 6382] symlink("/dev/binderfs", "./binderfs" [pid 6381] <... memfd_create resumed>) = 3 [pid 6380] munmap(0x7f3feae00000, 138412032 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 6382] <... symlink resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./254/file0" [pid 6383] <... memfd_create resumed>) = 3 [pid 5080] <... rmdir resumed>) = 0 [pid 6383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5080] getdents64(3, [pid 6380] <... munmap resumed>) = 0 [pid 6381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6382] memfd_create("syzkaller", 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./254" [pid 6382] <... memfd_create resumed>) = 3 [pid 6381] <... mmap resumed>) = 0x7f3feae00000 [pid 6380] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... rmdir resumed>) = 0 [pid 5080] mkdir("./255", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6380] <... openat resumed>) = 4 [pid 6382] <... mmap resumed>) = 0x7f3feae00000 [pid 6380] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6380] close(3) = 0 [pid 6380] close(4) = 0 [pid 6380] mkdir("./file0", 0777) = 0 [pid 6383] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 262.991295][ T6380] loop1: detected capacity change from 0 to 4096 [pid 6380] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6381] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... ioctl resumed>) = 0 [ 263.037680][ T6380] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6383] <... write resumed>) = 2097152 [pid 6382] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6384 attached [pid 6384] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6384 [pid 6383] munmap(0x7f3feae00000, 138412032 [pid 6384] <... set_robust_list resumed>) = 0 [pid 6380] <... mount resumed>) = 0 [pid 6384] chdir("./255" [pid 6383] <... munmap resumed>) = 0 [pid 6380] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6380] chdir("./file0") = 0 [pid 6384] <... chdir resumed>) = 0 [pid 6380] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6384] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6383] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6381] <... write resumed>) = 2097152 [pid 6384] <... prctl resumed>) = 0 [pid 6383] <... openat resumed>) = 4 [pid 6381] munmap(0x7f3feae00000, 138412032 [pid 6380] exit_group(0 [pid 6384] setpgid(0, 0 [pid 6380] <... exit_group resumed>) = ? [pid 6384] <... setpgid resumed>) = 0 [pid 6383] ioctl(4, LOOP_SET_FD, 3 [pid 6384] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6382] <... write resumed>) = 2097152 [pid 6380] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6380, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5077] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6384] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6384] write(3, "1000", 4 [pid 6383] <... ioctl resumed>) = 0 [pid 6382] munmap(0x7f3feae00000, 138412032 [pid 6381] <... munmap resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 6384] <... write resumed>) = 4 [pid 6383] close(3 [pid 6384] close(3 [pid 6383] <... close resumed>) = 0 [pid 6381] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] newfstatat(3, "", [pid 6384] <... close resumed>) = 0 [pid 6383] close(4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6384] symlink("/dev/binderfs", "./binderfs" [pid 6383] <... close resumed>) = 0 [pid 6382] <... munmap resumed>) = 0 [pid 6381] <... openat resumed>) = 4 [pid 5077] getdents64(3, [pid 6383] mkdir("./file0", 0777 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6384] <... symlink resumed>) = 0 [pid 6383] <... mkdir resumed>) = 0 [pid 6382] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6381] ioctl(4, LOOP_SET_FD, 3 [pid 5077] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6382] <... openat resumed>) = 4 [pid 6384] memfd_create("syzkaller", 0 [pid 6383] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6382] ioctl(4, LOOP_SET_FD, 3 [ 263.170689][ T6383] loop3: detected capacity change from 0 to 4096 [ 263.205587][ T6381] loop2: detected capacity change from 0 to 4096 [pid 5077] unlink("./257/binderfs") = 0 [pid 5077] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5077] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6381] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6381] close(3 [pid 5077] newfstatat(AT_FDCWD, "./257/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6384] <... memfd_create resumed>) = 3 [pid 5077] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6384] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6384] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] openat(AT_FDCWD, "./257/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6381] <... close resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 6381] close(4 [pid 5077] newfstatat(4, "", [pid 6382] <... ioctl resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6382] close(3 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6381] <... close resumed>) = 0 [pid 6381] mkdir("./file0", 0777 [pid 6382] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 6382] close(4 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6382] <... close resumed>) = 0 [pid 5077] close(4 [pid 6382] mkdir("./file0", 0777 [pid 5077] <... close resumed>) = 0 [pid 6382] <... mkdir resumed>) = 0 [pid 5077] rmdir("./257/file0" [pid 6382] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5077] <... rmdir resumed>) = 0 [pid 6381] <... mkdir resumed>) = 0 [ 263.217916][ T6382] loop0: detected capacity change from 0 to 4096 [ 263.230770][ T6383] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6381] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./257") = 0 [pid 5077] mkdir("./258", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [ 263.269780][ T6382] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 263.279869][ T6381] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6382] <... mount resumed>) = 0 [pid 6382] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6381] <... mount resumed>) = 0 [pid 6381] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6382] chdir("./file0" [pid 6381] chdir("./file0" [pid 6382] <... chdir resumed>) = 0 [pid 6382] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6381] <... chdir resumed>) = 0 [pid 6382] exit_group(0 [pid 6381] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6384] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6382] <... exit_group resumed>) = ? [pid 6381] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... ioctl resumed>) = 0 [pid 6383] <... mount resumed>) = 0 [pid 6382] +++ exited with 0 +++ [pid 6381] exit_group(0 [pid 6383] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6383] chdir("./file0") = 0 [pid 6383] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] close(3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6382, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6383] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... close resumed>) = 0 [pid 6383] exit_group(0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6383] <... exit_group resumed>) = ? [pid 6381] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 6385 attached [pid 6385] set_robust_list(0x555556d3f660, 24) = 0 [pid 6385] chdir("./258") = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6385 [pid 6385] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6385] setpgid(0, 0) = 0 [pid 6385] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6383] +++ exited with 0 +++ [pid 6381] +++ exited with 0 +++ [pid 5076] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6381, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=5 /* 0.05 s */} --- [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6383, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 6385] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6385] write(3, "1000", 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 3 [pid 6385] <... write resumed>) = 4 [pid 5078] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(3, "", [pid 5079] <... openat resumed>) = 3 [pid 5078] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] newfstatat(3, "", [pid 6385] close(3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6385] <... close resumed>) = 0 [pid 5079] getdents64(3, [pid 5078] newfstatat(3, "", [pid 5076] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6385] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] getdents64(3, [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6385] <... symlink resumed>) = 0 [pid 5079] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./255/binderfs", [pid 5078] newfstatat(AT_FDCWD, "./259/binderfs", [pid 6385] memfd_create("syzkaller", 0 [pid 5079] newfstatat(AT_FDCWD, "./256/binderfs", [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./259/binderfs" [pid 5076] unlink("./255/binderfs" [pid 5079] unlink("./256/binderfs") = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 6385] <... memfd_create resumed>) = 3 [pid 5079] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6385] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6384] <... write resumed>) = 2097152 [pid 5079] <... umount2 resumed>) = 0 [pid 6385] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./255/file0", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] newfstatat(AT_FDCWD, "./259/file0", [pid 5076] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./255/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./259/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... openat resumed>) = 4 [pid 5079] newfstatat(AT_FDCWD, "./256/file0", [pid 5078] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 5078] newfstatat(4, "", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5076] getdents64(4, [pid 5079] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, [pid 5076] getdents64(4, [pid 6384] munmap(0x7f3feae00000, 138412032 [pid 5079] openat(AT_FDCWD, "./256/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5078] close(4 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] newfstatat(4, "", [pid 5078] <... close resumed>) = 0 [pid 5076] close(4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] rmdir("./259/file0" [pid 5079] getdents64(4, [pid 5076] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 5078] <... rmdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] rmdir("./255/file0" [pid 5079] rmdir("./256/file0") = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./256" [pid 6384] <... munmap resumed>) = 0 [pid 5078] getdents64(3, [pid 5076] getdents64(3, [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./257", 0777) = 0 [pid 5078] close(3 [pid 5076] close(3 [pid 6384] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... close resumed>) = 0 [pid 6384] <... openat resumed>) = 4 [pid 5079] <... openat resumed>) = 3 [pid 5078] rmdir("./259" [pid 5076] rmdir("./255" [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] <... rmdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6384] ioctl(4, LOOP_SET_FD, 3 [pid 5078] mkdir("./260", 0777 [pid 5076] mkdir("./256", 0777 [pid 5078] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... mkdir resumed>) = 0 [pid 6385] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6384] <... ioctl resumed>) = 0 [pid 6384] close(3 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6384] <... close resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6384] close(4 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6384] <... close resumed>) = 0 [pid 6384] mkdir("./file0", 0777) = 0 [ 263.493485][ T6384] loop4: detected capacity change from 0 to 4096 [pid 6384] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6385] <... write resumed>) = 2097152 [pid 6385] munmap(0x7f3feae00000, 138412032 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6385] <... munmap resumed>) = 0 [pid 5078] close(3) = 0 [pid 6385] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6386 attached [pid 6385] <... openat resumed>) = 4 [pid 6385] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6386 [ 263.582929][ T6384] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6387 [pid 6386] set_robust_list(0x555556d3f660, 24) = 0 ./strace-static-x86_64: Process 6387 attached [pid 6386] chdir("./260") = 0 [pid 6386] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6387] set_robust_list(0x555556d3f660, 24) = 0 [pid 6386] <... prctl resumed>) = 0 [pid 6387] chdir("./257" [pid 6386] setpgid(0, 0) = 0 [pid 6385] <... ioctl resumed>) = 0 [pid 6387] <... chdir resumed>) = 0 [pid 6386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6385] close(3 [pid 6387] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6386] <... openat resumed>) = 3 [pid 6385] <... close resumed>) = 0 [pid 6387] <... prctl resumed>) = 0 [pid 6386] write(3, "1000", 4 [pid 6385] close(4 [pid 5076] <... ioctl resumed>) = 0 [pid 6387] setpgid(0, 0 [pid 6386] <... write resumed>) = 4 [pid 6385] <... close resumed>) = 0 [pid 6387] <... setpgid resumed>) = 0 [pid 6386] close(3 [pid 6385] mkdir("./file0", 0777 [pid 5076] close(3 [pid 6387] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6386] <... close resumed>) = 0 [pid 6385] <... mkdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6387] <... openat resumed>) = 3 [pid 6386] symlink("/dev/binderfs", "./binderfs" [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6387] write(3, "1000", 4) = 4 [pid 6386] <... symlink resumed>) = 0 [pid 6387] close(3) = 0 [pid 6387] symlink("/dev/binderfs", "./binderfs") = 0 [ 263.624564][ T6385] loop1: detected capacity change from 0 to 4096 [pid 6385] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6387] memfd_create("syzkaller", 0) = 3 [pid 6386] memfd_create("syzkaller", 0 [pid 6387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6384] <... mount resumed>) = 0 [pid 6387] <... mmap resumed>) = 0x7f3feae00000 [pid 6384] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6388 [pid 6386] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 6388 attached [pid 6386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6388] set_robust_list(0x555556d3f660, 24) = 0 [ 263.692730][ T6385] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6388] chdir("./256" [pid 6386] <... mmap resumed>) = 0x7f3feae00000 [pid 6384] chdir("./file0") = 0 [pid 6384] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6384] exit_group(0 [pid 6388] <... chdir resumed>) = 0 [pid 6384] <... exit_group resumed>) = ? [pid 6388] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6384] +++ exited with 0 +++ [pid 6388] <... prctl resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6384, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6388] setpgid(0, 0 [pid 5080] umount2("./255", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6388] <... setpgid resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./255/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6388] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6388] write(3, "1000", 4 [pid 5080] newfstatat(AT_FDCWD, "./255/binderfs", [pid 6388] <... write resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6388] close(3 [pid 5080] unlink("./255/binderfs" [pid 6388] <... close resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 6388] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6388] memfd_create("syzkaller", 0 [pid 5080] <... umount2 resumed>) = 0 [pid 6388] <... memfd_create resumed>) = 3 [pid 5080] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6388] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6388] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] newfstatat(AT_FDCWD, "./255/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./255/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./255/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./255/file0" [pid 6387] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./255") = 0 [pid 5080] mkdir("./256", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6388] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6386] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6385] <... mount resumed>) = 0 [pid 6385] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6385] chdir("./file0") = 0 [pid 6385] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6387] <... write resumed>) = 2097152 [pid 6385] exit_group(0) = ? [pid 6387] munmap(0x7f3feae00000, 138412032) = 0 [pid 6387] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6385] +++ exited with 0 +++ [pid 6387] <... openat resumed>) = 4 [pid 6387] ioctl(4, LOOP_SET_FD, 3 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6385, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5077] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6386] <... write resumed>) = 2097152 [pid 5077] unlink("./258/binderfs" [pid 6387] <... ioctl resumed>) = 0 [pid 6386] munmap(0x7f3feae00000, 138412032 [pid 5077] <... unlink resumed>) = 0 [pid 6388] <... write resumed>) = 2097152 [pid 6386] <... munmap resumed>) = 0 [pid 5077] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6388] munmap(0x7f3feae00000, 138412032 [pid 6387] close(3 [pid 6386] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... ioctl resumed>) = 0 [pid 6387] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./258/file0", [pid 6387] close(4 [pid 5080] close(3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6387] <... close resumed>) = 0 [pid 6386] <... openat resumed>) = 4 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./258/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6389 attached [pid 6388] <... munmap resumed>) = 0 [pid 6387] mkdir("./file0", 0777 [pid 6386] ioctl(4, LOOP_SET_FD, 3 [pid 5077] getdents64(4, [pid 6389] set_robust_list(0x555556d3f660, 24 [pid 6388] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6389 [pid 6389] <... set_robust_list resumed>) = 0 [pid 6389] chdir("./256" [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6389] <... chdir resumed>) = 0 [pid 5077] close(4 [pid 6389] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... close resumed>) = 0 [pid 6389] <... prctl resumed>) = 0 [pid 6389] setpgid(0, 0 [pid 5077] rmdir("./258/file0" [pid 6389] <... setpgid resumed>) = 0 [pid 6389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... rmdir resumed>) = 0 [pid 6389] <... openat resumed>) = 3 [pid 5077] getdents64(3, [pid 6389] write(3, "1000", 4 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6389] <... write resumed>) = 4 [pid 6388] <... openat resumed>) = 4 [pid 6389] close(3 [pid 5077] close(3 [pid 6389] <... close resumed>) = 0 [pid 6388] ioctl(4, LOOP_SET_FD, 3 [pid 6387] <... mkdir resumed>) = 0 [pid 6386] <... ioctl resumed>) = 0 [ 263.921137][ T6387] loop3: detected capacity change from 0 to 4096 [ 263.960969][ T6386] loop2: detected capacity change from 0 to 4096 [pid 5077] <... close resumed>) = 0 [pid 6389] symlink("/dev/binderfs", "./binderfs" [pid 6387] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6386] close(3 [pid 5077] rmdir("./258" [pid 6389] <... symlink resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6389] memfd_create("syzkaller", 0 [pid 5077] mkdir("./259", 0777) = 0 [pid 6389] <... memfd_create resumed>) = 3 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6389] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6386] <... close resumed>) = 0 [pid 6386] close(4) = 0 [pid 6386] mkdir("./file0", 0777) = 0 [pid 6386] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6388] <... ioctl resumed>) = 0 [pid 6388] close(3) = 0 [pid 6388] close(4) = 0 [pid 6388] mkdir("./file0", 0777) = 0 [ 263.973128][ T6388] loop0: detected capacity change from 0 to 4096 [ 263.982128][ T6387] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 264.001501][ T6386] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6388] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 264.054828][ T6388] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6389] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 6390 attached [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6390 [pid 6390] set_robust_list(0x555556d3f660, 24) = 0 [pid 6390] chdir("./259") = 0 [pid 6390] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6390] setpgid(0, 0) = 0 [pid 6390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6390] write(3, "1000", 4) = 4 [pid 6390] close(3) = 0 [pid 6390] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6386] <... mount resumed>) = 0 [pid 6386] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6387] <... mount resumed>) = 0 [pid 6387] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6386] <... openat resumed>) = 3 [pid 6390] memfd_create("syzkaller", 0 [pid 6387] <... openat resumed>) = 3 [pid 6386] chdir("./file0" [pid 6390] <... memfd_create resumed>) = 3 [pid 6388] <... mount resumed>) = 0 [pid 6387] chdir("./file0" [pid 6386] <... chdir resumed>) = 0 [pid 6390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6388] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6387] <... chdir resumed>) = 0 [pid 6386] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6390] <... mmap resumed>) = 0x7f3feae00000 [pid 6389] <... write resumed>) = 2097152 [pid 6388] <... openat resumed>) = 3 [pid 6387] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6386] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6388] chdir("./file0") = 0 [pid 6388] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6386] exit_group(0 [pid 6388] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6386] <... exit_group resumed>) = ? [pid 6388] exit_group(0) = ? [pid 6389] munmap(0x7f3feae00000, 138412032 [pid 6387] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6387] exit_group(0 [pid 6386] +++ exited with 0 +++ [pid 6387] <... exit_group resumed>) = ? [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6386, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 6388] +++ exited with 0 +++ [pid 6387] +++ exited with 0 +++ [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6387, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5078] <... restart_syscall resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6388, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 6389] <... munmap resumed>) = 0 [pid 5076] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5079] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6389] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... openat resumed>) = 3 [pid 5078] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6389] <... openat resumed>) = 4 [pid 5079] newfstatat(3, "", [pid 5078] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6389] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(3, "", [pid 5076] newfstatat(AT_FDCWD, "./256/binderfs", [pid 5079] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./256/binderfs" [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./256/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./256/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 4 [pid 5079] newfstatat(AT_FDCWD, "./257/binderfs", [pid 5078] getdents64(3, [pid 5076] newfstatat(4, "", [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] unlink("./257/binderfs" [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5079] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] newfstatat(AT_FDCWD, "./260/binderfs", [pid 5076] close(4 [pid 6389] <... ioctl resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... close resumed>) = 0 [pid 6389] close(3 [pid 5078] unlink("./260/binderfs" [pid 5076] rmdir("./256/file0" [pid 6389] <... close resumed>) = 0 [pid 5079] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... unlink resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6389] close(4 [pid 5078] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 6389] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6390] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6389] mkdir("./file0", 0777 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(3 [pid 6389] <... mkdir resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./257/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... close resumed>) = 0 [pid 6389] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] rmdir("./256" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./257/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] <... rmdir resumed>) = 0 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./257/file0") = 0 [pid 5076] mkdir("./257", 0777 [pid 5078] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... mkdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./260/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./260/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] rmdir("./257" [pid 5078] getdents64(4, [pid 5076] <... openat resumed>) = 3 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./260/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 5079] mkdir("./258", 0777 [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./260") = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] mkdir("./261", 0777 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5078] <... mkdir resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 264.205770][ T6389] loop4: detected capacity change from 0 to 4096 [ 264.238655][ T6389] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6390] <... write resumed>) = 2097152 [pid 5076] <... ioctl resumed>) = 0 [pid 6390] munmap(0x7f3feae00000, 138412032 [pid 6389] <... mount resumed>) = 0 [pid 6389] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6389] chdir("./file0" [pid 6390] <... munmap resumed>) = 0 [pid 6389] <... chdir resumed>) = 0 [pid 6389] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6389] exit_group(0) = ? [pid 6389] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6389, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6390] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... ioctl resumed>) = 0 [pid 6390] <... openat resumed>) = 4 [pid 5080] umount2("./256", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6390] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... ioctl resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5078] close(3 [pid 5076] close(3 [pid 5080] newfstatat(3, "", [pid 5079] close(3 [pid 5078] <... close resumed>) = 0 [pid 6390] <... ioctl resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6391 attached [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6390] close(3 [pid 5080] getdents64(3, [pid 5079] <... close resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6391 [pid 6391] set_robust_list(0x555556d3f660, 24) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6392 attached [pid 6391] chdir("./257" [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6392] set_robust_list(0x555556d3f660, 24 [pid 6391] <... chdir resumed>) = 0 [pid 6390] <... close resumed>) = 0 [pid 5080] umount2("./256/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6392 [pid 6390] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6390] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./256/binderfs", [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6393 [pid 6391] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6393 attached [pid 6392] <... set_robust_list resumed>) = 0 [pid 6391] <... prctl resumed>) = 0 [pid 6390] mkdir("./file0", 0777 [pid 5080] unlink("./256/binderfs" [pid 6393] set_robust_list(0x555556d3f660, 24 [pid 6392] chdir("./261" [pid 6391] setpgid(0, 0 [pid 6393] <... set_robust_list resumed>) = 0 [pid 6391] <... setpgid resumed>) = 0 [pid 6393] chdir("./258" [pid 6392] <... chdir resumed>) = 0 [pid 6391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... unlink resumed>) = 0 [pid 6393] <... chdir resumed>) = 0 [pid 6392] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6391] <... openat resumed>) = 3 [pid 6390] <... mkdir resumed>) = 0 [pid 6392] <... prctl resumed>) = 0 [pid 6392] setpgid(0, 0 [pid 6390] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6393] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6392] <... setpgid resumed>) = 0 [pid 6393] <... prctl resumed>) = 0 [pid 6392] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6391] write(3, "1000", 4 [pid 6393] setpgid(0, 0 [pid 6392] <... openat resumed>) = 3 [pid 6391] <... write resumed>) = 4 [pid 5080] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6393] <... setpgid resumed>) = 0 [pid 6392] write(3, "1000", 4 [pid 6391] close(3 [pid 6393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6392] <... write resumed>) = 4 [pid 6391] <... close resumed>) = 0 [pid 6393] <... openat resumed>) = 3 [pid 6392] close(3 [pid 6391] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6392] <... close resumed>) = 0 [pid 6393] write(3, "1000", 4 [pid 6392] symlink("/dev/binderfs", "./binderfs" [pid 6393] <... write resumed>) = 4 [pid 6392] <... symlink resumed>) = 0 [pid 6391] memfd_create("syzkaller", 0 [pid 6393] close(3) = 0 [pid 6393] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6391] <... memfd_create resumed>) = 3 [pid 6391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... umount2 resumed>) = 0 [pid 6391] <... mmap resumed>) = 0x7f3feae00000 [pid 6393] memfd_create("syzkaller", 0 [pid 5080] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6392] memfd_create("syzkaller", 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 264.375603][ T6390] loop1: detected capacity change from 0 to 4096 [ 264.413980][ T6390] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] newfstatat(AT_FDCWD, "./256/file0", [pid 6393] <... memfd_create resumed>) = 3 [pid 6392] <... memfd_create resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6392] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] umount2("./256/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6393] <... mmap resumed>) = 0x7f3feae00000 [pid 6392] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./256/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 6390] <... mount resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 6390] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6390] chdir("./file0" [pid 5080] close(4) = 0 [pid 6390] <... chdir resumed>) = 0 [pid 5080] rmdir("./256/file0") = 0 [pid 6390] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6390] exit_group(0 [pid 5080] close(3 [pid 6390] <... exit_group resumed>) = ? [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./256" [pid 6390] +++ exited with 0 +++ [pid 5080] <... rmdir resumed>) = 0 [pid 5080] mkdir("./257", 0777 [pid 6393] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6391] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6390, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6392] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6392] <... write resumed>) = 2097152 [pid 6392] munmap(0x7f3feae00000, 138412032) = 0 [pid 5077] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6392] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6392] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... openat resumed>) = 3 [pid 6393] <... write resumed>) = 2097152 [pid 6392] <... ioctl resumed>) = 0 [pid 6391] <... write resumed>) = 2097152 [pid 5077] newfstatat(3, "", [pid 6392] close(3 [pid 6391] munmap(0x7f3feae00000, 138412032 [pid 6392] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6392] close(4 [pid 5077] getdents64(3, [pid 6393] munmap(0x7f3feae00000, 138412032 [pid 6392] <... close resumed>) = 0 [pid 6393] <... munmap resumed>) = 0 [pid 6392] mkdir("./file0", 0777 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6393] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6392] <... mkdir resumed>) = 0 [pid 6391] <... munmap resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6393] <... openat resumed>) = 4 [pid 6392] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6391] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6393] ioctl(4, LOOP_SET_FD, 3 [pid 6391] <... openat resumed>) = 4 [pid 5080] <... close resumed>) = 0 [ 264.580820][ T6392] loop2: detected capacity change from 0 to 4096 [ 264.620340][ T6392] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5077] newfstatat(AT_FDCWD, "./259/binderfs", [pid 6391] ioctl(4, LOOP_SET_FD, 3 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6394 ./strace-static-x86_64: Process 6394 attached [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./259/binderfs" [pid 6394] set_robust_list(0x555556d3f660, 24 [pid 5077] <... unlink resumed>) = 0 [pid 6394] <... set_robust_list resumed>) = 0 [pid 6394] chdir("./257" [pid 5077] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6394] <... chdir resumed>) = 0 [pid 6394] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6394] setpgid(0, 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6394] <... setpgid resumed>) = 0 [pid 6394] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6394] <... openat resumed>) = 3 [pid 5077] newfstatat(AT_FDCWD, "./259/file0", [pid 6394] write(3, "1000", 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6394] <... write resumed>) = 4 [ 264.622381][ T6393] loop3: detected capacity change from 0 to 4096 [ 264.654538][ T6391] loop0: detected capacity change from 0 to 4096 [pid 5077] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6394] close(3 [pid 6391] <... ioctl resumed>) = 0 [pid 6394] <... close resumed>) = 0 [pid 6391] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6394] symlink("/dev/binderfs", "./binderfs" [pid 6391] <... close resumed>) = 0 [pid 6391] close(4 [pid 5077] openat(AT_FDCWD, "./259/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6394] <... symlink resumed>) = 0 [pid 6391] <... close resumed>) = 0 [pid 6391] mkdir("./file0", 0777 [pid 5077] <... openat resumed>) = 4 [pid 6391] <... mkdir resumed>) = 0 [pid 6391] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6394] memfd_create("syzkaller", 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 6392] <... mount resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6394] <... memfd_create resumed>) = 3 [pid 6392] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] close(4 [pid 6394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6392] <... openat resumed>) = 3 [pid 6394] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... close resumed>) = 0 [pid 6392] chdir("./file0" [pid 5077] rmdir("./259/file0" [pid 6392] <... chdir resumed>) = 0 [pid 6392] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 6392] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./259" [pid 6392] exit_group(0 [pid 5077] <... rmdir resumed>) = 0 [pid 6392] <... exit_group resumed>) = ? [pid 5077] mkdir("./260", 0777 [pid 6393] <... ioctl resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 6393] close(3) = 0 [pid 6393] close(4) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6393] mkdir("./file0", 0777 [pid 5077] <... openat resumed>) = 3 [pid 6393] <... mkdir resumed>) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6393] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6392] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6392, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 264.675653][ T6391] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5078] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./261/binderfs") = 0 [pid 5078] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5078] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./261/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./261/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./261/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./261") = 0 [pid 6391] <... mount resumed>) = 0 [ 264.718741][ T6393] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5078] mkdir("./262", 0777 [pid 6391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6391] chdir("./file0" [pid 5077] <... ioctl resumed>) = 0 [pid 6391] <... chdir resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 6391] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6391] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6391] exit_group(0) = ? [pid 6391] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6391, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6394] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./257/binderfs", [pid 5077] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] unlink("./257/binderfs" [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5076] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6395 attached [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6395 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6395] set_robust_list(0x555556d3f660, 24) = 0 [pid 5076] newfstatat(AT_FDCWD, "./257/file0", [pid 6395] chdir("./260" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6395] <... chdir resumed>) = 0 [pid 5076] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6395] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6395] <... prctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./257/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6395] setpgid(0, 0 [pid 5076] <... openat resumed>) = 4 [pid 6395] <... setpgid resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 6395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6395] <... openat resumed>) = 3 [pid 5076] getdents64(4, [pid 6395] write(3, "1000", 4 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6395] <... write resumed>) = 4 [pid 5076] getdents64(4, [pid 6395] close(3 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6395] <... close resumed>) = 0 [pid 5076] close(4 [pid 6395] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... close resumed>) = 0 [pid 6395] <... symlink resumed>) = 0 [pid 5076] rmdir("./257/file0" [pid 6395] memfd_create("syzkaller", 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./257" [pid 6395] <... memfd_create resumed>) = 3 [pid 5076] <... rmdir resumed>) = 0 [pid 6395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6394] <... write resumed>) = 2097152 [pid 6393] <... mount resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5076] mkdir("./258", 0777 [pid 6395] <... mmap resumed>) = 0x7f3feae00000 [pid 6394] munmap(0x7f3feae00000, 138412032 [pid 6393] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] close(3 [pid 5076] <... mkdir resumed>) = 0 [pid 6394] <... munmap resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6393] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6393] chdir("./file0" [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... openat resumed>) = 3 [pid 6393] <... chdir resumed>) = 0 [pid 6393] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6393] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6396 attached [pid 6393] exit_group(0 [pid 6394] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6396 [pid 6396] set_robust_list(0x555556d3f660, 24) = 0 [pid 6394] ioctl(4, LOOP_SET_FD, 3 [pid 6396] chdir("./262") = 0 [pid 6396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6396] setpgid(0, 0 [pid 6393] <... exit_group resumed>) = ? [pid 6396] <... setpgid resumed>) = 0 [pid 6393] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6393, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 6396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6396] <... openat resumed>) = 3 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6396] write(3, "1000", 4 [pid 5079] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6396] <... write resumed>) = 4 [pid 6396] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6396] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./258/binderfs", [pid 6396] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6396] <... symlink resumed>) = 0 [pid 6394] <... ioctl resumed>) = 0 [pid 5079] unlink("./258/binderfs" [pid 6394] close(3) = 0 [pid 6394] close(4 [pid 5079] <... unlink resumed>) = 0 [pid 6394] <... close resumed>) = 0 [pid 6394] mkdir("./file0", 0777 [pid 5079] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6394] <... mkdir resumed>) = 0 [ 264.922228][ T6394] loop4: detected capacity change from 0 to 4096 [pid 6394] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6396] memfd_create("syzkaller", 0 [pid 6395] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... ioctl resumed>) = 0 [pid 6396] <... memfd_create resumed>) = 3 [pid 6396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./258/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] close(3) = 0 [pid 5079] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./258/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6397 attached ) = 4 [pid 5079] newfstatat(4, "", [pid 6397] set_robust_list(0x555556d3f660, 24 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6397 [pid 6397] <... set_robust_list resumed>) = 0 [pid 5079] getdents64(4, [pid 6397] chdir("./258" [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [ 264.963036][ T6394] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5079] getdents64(4, [pid 6397] <... chdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6397] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5079] close(4 [pid 6397] setpgid(0, 0 [pid 5079] <... close resumed>) = 0 [pid 6397] <... setpgid resumed>) = 0 [pid 5079] rmdir("./258/file0" [pid 6397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... rmdir resumed>) = 0 [pid 6397] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 6397] write(3, "1000", 4) = 4 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6397] close(3 [pid 5079] close(3 [pid 6397] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6397] symlink("/dev/binderfs", "./binderfs" [pid 5079] rmdir("./258" [pid 6397] <... symlink resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6397] memfd_create("syzkaller", 0 [pid 5079] mkdir("./259", 0777) = 0 [pid 6397] <... memfd_create resumed>) = 3 [pid 6397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6397] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6395] <... write resumed>) = 2097152 [pid 6395] munmap(0x7f3feae00000, 138412032 [pid 6394] <... mount resumed>) = 0 [pid 6396] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6394] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6395] <... munmap resumed>) = 0 [pid 6395] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6394] <... openat resumed>) = 3 [pid 6394] chdir("./file0" [pid 6395] ioctl(4, LOOP_SET_FD, 3 [pid 6394] <... chdir resumed>) = 0 [pid 6394] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6394] exit_group(0) = ? [pid 6395] <... ioctl resumed>) = 0 [pid 6395] close(3) = 0 [pid 6395] close(4) = 0 [pid 6395] mkdir("./file0", 0777) = 0 [pid 6394] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6394, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6395] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] umount2("./257", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 265.114088][ T6395] loop1: detected capacity change from 0 to 4096 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./257/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] <... ioctl resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./257/binderfs") = 0 [pid 5080] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6397] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6398 attached [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6398 [pid 6398] set_robust_list(0x555556d3f660, 24) = 0 [pid 6398] chdir("./259") = 0 [pid 5080] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6398] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6396] <... write resumed>) = 2097152 [pid 6398] setpgid(0, 0) = 0 [pid 6398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./257/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./257/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 265.162538][ T6395] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] openat(AT_FDCWD, "./257/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6398] <... openat resumed>) = 3 [pid 6396] munmap(0x7f3feae00000, 138412032 [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6398] write(3, "1000", 4 [pid 6396] <... munmap resumed>) = 0 [pid 6395] <... mount resumed>) = 0 [pid 6398] <... write resumed>) = 4 [pid 6395] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6398] close(3) = 0 [pid 6398] symlink("/dev/binderfs", "./binderfs" [pid 6395] <... openat resumed>) = 3 [pid 6398] <... symlink resumed>) = 0 [pid 6395] chdir("./file0" [pid 5080] getdents64(4, [pid 6395] <... chdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 6395] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... close resumed>) = 0 [pid 6395] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] rmdir("./257/file0" [pid 6398] memfd_create("syzkaller", 0 [pid 6395] exit_group(0 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 6396] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] rmdir("./257" [pid 6398] <... memfd_create resumed>) = 3 [pid 6396] <... openat resumed>) = 4 [pid 6395] <... exit_group resumed>) = ? [pid 5080] <... rmdir resumed>) = 0 [pid 5080] mkdir("./258", 0777 [pid 6396] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... mkdir resumed>) = 0 [pid 6398] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6397] <... write resumed>) = 2097152 [pid 6396] <... ioctl resumed>) = 0 [pid 6395] +++ exited with 0 +++ [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6398] <... mmap resumed>) = 0x7f3feae00000 [pid 6397] munmap(0x7f3feae00000, 138412032 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6395, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6396] close(3 [pid 5077] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6396] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6397] <... munmap resumed>) = 0 [pid 6396] close(4 [pid 5080] <... openat resumed>) = 3 [pid 5077] <... openat resumed>) = 3 [pid 6396] <... close resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 6396] mkdir("./file0", 0777 [pid 6397] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6396] <... mkdir resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 265.262786][ T6396] loop2: detected capacity change from 0 to 4096 [pid 5077] getdents64(3, [pid 6397] <... openat resumed>) = 4 [pid 6396] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6397] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6398] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6397] close(3 [pid 5077] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./260/binderfs") = 0 [pid 5077] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6397] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6397] close(4 [pid 6396] <... mount resumed>) = 0 [pid 6397] <... close resumed>) = 0 [ 265.306474][ T6397] loop0: detected capacity change from 0 to 4096 [ 265.307198][ T6396] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6396] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6397] mkdir("./file0", 0777 [pid 5077] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./260/file0", [pid 6397] <... mkdir resumed>) = 0 [pid 6396] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6396] chdir("./file0") = 0 [pid 5077] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6397] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6396] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./260/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6396] exit_group(0 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6398] <... write resumed>) = 2097152 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./260/file0" [pid 6396] <... exit_group resumed>) = ? [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./260" [pid 6396] +++ exited with 0 +++ [pid 5077] <... rmdir resumed>) = 0 [pid 5080] close(3 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6396, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [pid 5077] mkdir("./261", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5080] <... close resumed>) = 0 [pid 6398] munmap(0x7f3feae00000, 138412032 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6399 attached [pid 6398] <... munmap resumed>) = 0 [pid 6399] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6399 [pid 6399] <... set_robust_list resumed>) = 0 [pid 5078] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6399] chdir("./258" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6399] <... chdir resumed>) = 0 [pid 6399] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... openat resumed>) = 3 [pid 6399] <... prctl resumed>) = 0 [ 265.377554][ T6397] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5078] newfstatat(3, "", [pid 6398] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6399] setpgid(0, 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6399] <... setpgid resumed>) = 0 [pid 5078] getdents64(3, [pid 6399] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6399] <... openat resumed>) = 3 [pid 6398] <... openat resumed>) = 4 [pid 5078] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6398] ioctl(4, LOOP_SET_FD, 3 [pid 6399] write(3, "1000", 4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6399] <... write resumed>) = 4 [pid 5078] newfstatat(AT_FDCWD, "./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6399] close(3 [pid 5078] unlink("./262/binderfs" [pid 6399] <... close resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 6399] symlink("/dev/binderfs", "./binderfs" [pid 5078] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6399] <... symlink resumed>) = 0 [pid 6399] memfd_create("syzkaller", 0) = 3 [pid 5078] <... umount2 resumed>) = 0 [pid 6399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6398] <... ioctl resumed>) = 0 [pid 6397] <... mount resumed>) = 0 [pid 5078] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6399] <... mmap resumed>) = 0x7f3feae00000 [pid 6398] close(3 [pid 6397] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6398] <... close resumed>) = 0 [pid 6397] <... openat resumed>) = 3 [pid 6398] close(4 [ 265.448341][ T6398] loop3: detected capacity change from 0 to 4096 [pid 5078] newfstatat(AT_FDCWD, "./262/file0", [pid 6398] <... close resumed>) = 0 [pid 6397] chdir("./file0" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6397] <... chdir resumed>) = 0 [pid 5078] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6397] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] openat(AT_FDCWD, "./262/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] close(3 [pid 5078] newfstatat(4, "", [pid 6398] mkdir("./file0", 0777 [pid 6397] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... close resumed>) = 0 [pid 6398] <... mkdir resumed>) = 0 [pid 6397] exit_group(0 [pid 5078] getdents64(4, [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6398] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6397] <... exit_group resumed>) = ? [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, ./strace-static-x86_64: Process 6400 attached [pid 6397] +++ exited with 0 +++ [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6400 [pid 5078] <... close resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6397, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5078] rmdir("./262/file0" [pid 6400] set_robust_list(0x555556d3f660, 24) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6400] chdir("./261" [pid 6399] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./258/binderfs") = 0 [pid 5076] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5076] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6400] <... chdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5076] newfstatat(AT_FDCWD, "./258/file0", [pid 6400] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6400] <... prctl resumed>) = 0 [pid 5076] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./258/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6400] setpgid(0, 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... openat resumed>) = 4 [pid 6400] <... setpgid resumed>) = 0 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./258/file0" [pid 6400] <... openat resumed>) = 3 [pid 5076] <... rmdir resumed>) = 0 [pid 6400] write(3, "1000", 4 [pid 5078] close(3 [pid 6400] <... write resumed>) = 4 [pid 6400] close(3 [pid 5076] getdents64(3, [pid 6400] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6400] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... close resumed>) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./258") = 0 [pid 5078] rmdir("./262" [ 265.514628][ T6398] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5076] mkdir("./259", 0777 [pid 6400] <... symlink resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./263", 0777 [pid 5076] <... mkdir resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 6400] memfd_create("syzkaller", 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6400] <... memfd_create resumed>) = 3 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6400] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6399] <... write resumed>) = 2097152 [pid 6399] munmap(0x7f3feae00000, 138412032 [pid 6400] <... mmap resumed>) = 0x7f3feae00000 [pid 6398] <... mount resumed>) = 0 [pid 6398] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6398] chdir("./file0" [pid 6399] <... munmap resumed>) = 0 [pid 6399] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6398] <... chdir resumed>) = 0 [pid 6400] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6399] <... openat resumed>) = 4 [pid 6399] ioctl(4, LOOP_SET_FD, 3 [pid 6398] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... ioctl resumed>) = 0 [pid 6399] <... ioctl resumed>) = 0 [pid 6398] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] close(3 [pid 5076] <... ioctl resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6401 ./strace-static-x86_64: Process 6401 attached [pid 6398] exit_group(0) = ? [pid 6401] set_robust_list(0x555556d3f660, 24 [pid 6398] +++ exited with 0 +++ [pid 6401] <... set_robust_list resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6398, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5076] close(3 [pid 6401] chdir("./263" [pid 6399] close(3 [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6401] <... chdir resumed>) = 0 [pid 6399] <... close resumed>) = 0 ./strace-static-x86_64: Process 6402 attached [pid 6401] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6400] <... write resumed>) = 2097152 [pid 6399] close(4 [pid 6402] set_robust_list(0x555556d3f660, 24 [pid 6401] <... prctl resumed>) = 0 [pid 6400] munmap(0x7f3feae00000, 138412032 [pid 6399] <... close resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6402 [pid 6402] <... set_robust_list resumed>) = 0 [pid 6401] setpgid(0, 0 [pid 6399] mkdir("./file0", 0777 [ 265.660943][ T6399] loop4: detected capacity change from 0 to 4096 [pid 5079] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6402] chdir("./259" [pid 6401] <... setpgid resumed>) = 0 [pid 6400] <... munmap resumed>) = 0 [pid 6399] <... mkdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6402] <... chdir resumed>) = 0 [pid 6402] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6402] <... prctl resumed>) = 0 [pid 6399] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] <... openat resumed>) = 3 [pid 6402] setpgid(0, 0 [pid 5079] newfstatat(3, "", [pid 6402] <... setpgid resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] getdents64(3, [pid 6402] <... openat resumed>) = 3 [pid 6402] write(3, "1000", 4 [pid 6401] <... openat resumed>) = 3 [pid 6402] <... write resumed>) = 4 [pid 6400] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6402] close(3) = 0 [pid 6400] <... openat resumed>) = 4 [pid 6401] write(3, "1000", 4 [pid 6402] symlink("/dev/binderfs", "./binderfs" [pid 6401] <... write resumed>) = 4 [pid 6401] close(3 [pid 6402] <... symlink resumed>) = 0 [pid 6401] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6402] memfd_create("syzkaller", 0 [pid 6401] symlink("/dev/binderfs", "./binderfs" [pid 5079] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6400] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./259/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./259/binderfs") = 0 [pid 6401] <... symlink resumed>) = 0 [pid 5079] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6400] <... ioctl resumed>) = 0 [pid 6401] memfd_create("syzkaller", 0 [pid 6400] close(3 [pid 5079] <... umount2 resumed>) = 0 [pid 6402] <... memfd_create resumed>) = 3 [pid 6401] <... memfd_create resumed>) = 3 [pid 6400] <... close resumed>) = 0 [pid 6402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6400] close(4 [pid 6402] <... mmap resumed>) = 0x7f3feae00000 [pid 6401] <... mmap resumed>) = 0x7f3feae00000 [pid 6400] <... close resumed>) = 0 [pid 5079] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6400] mkdir("./file0", 0777 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./259/file0", [pid 6400] <... mkdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./259/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6400] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [ 265.727447][ T6399] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 265.750032][ T6400] loop1: detected capacity change from 0 to 4096 [pid 5079] rmdir("./259/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6399] <... mount resumed>) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./259") = 0 [pid 6399] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] mkdir("./260", 0777) = 0 [pid 6399] chdir("./file0") = 0 [pid 6399] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6399] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... openat resumed>) = 3 [pid 6399] exit_group(0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6399] <... exit_group resumed>) = ? [pid 6399] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6399, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5080] umount2("./258", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./258/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./258/binderfs") = 0 [ 265.805442][ T6400] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6402] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6400] <... mount resumed>) = 0 [pid 6401] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6400] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... umount2 resumed>) = 0 [pid 6400] <... openat resumed>) = 3 [pid 6400] chdir("./file0") = 0 [pid 6400] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6400] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./258/file0", [pid 6400] exit_group(0) = ? [pid 6400] +++ exited with 0 +++ [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6400, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5080] umount2("./258/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] openat(AT_FDCWD, "./258/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 4 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] newfstatat(4, "", [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(4, [pid 5077] newfstatat(AT_FDCWD, "./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./261/binderfs") = 0 [pid 5077] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] <... umount2 resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] <... ioctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(3 [pid 5077] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] close(4 [pid 5079] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] newfstatat(AT_FDCWD, "./261/file0", [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./258/file0" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6403 [pid 5080] <... rmdir resumed>) = 0 [pid 5077] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6403 attached [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] openat(AT_FDCWD, "./261/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6403] set_robust_list(0x555556d3f660, 24 [pid 5080] close(3 [pid 5077] <... openat resumed>) = 4 [pid 5080] <... close resumed>) = 0 [pid 5077] newfstatat(4, "", [pid 5080] rmdir("./258" [pid 6403] <... set_robust_list resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6403] chdir("./260" [pid 5080] mkdir("./259", 0777 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5077] getdents64(4, [pid 6403] <... chdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6403] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] getdents64(4, [pid 6403] <... prctl resumed>) = 0 [pid 6403] setpgid(0, 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6403] <... setpgid resumed>) = 0 [pid 5077] close(4 [pid 6403] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... close resumed>) = 0 [pid 6403] <... openat resumed>) = 3 [pid 6402] <... write resumed>) = 2097152 [pid 6401] <... write resumed>) = 2097152 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] rmdir("./261/file0" [pid 6403] write(3, "1000", 4) = 4 [pid 6403] close(3) = 0 [pid 6403] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... rmdir resumed>) = 0 [pid 6403] <... symlink resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5077] getdents64(3, [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6402] munmap(0x7f3feae00000, 138412032 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6401] munmap(0x7f3feae00000, 138412032 [pid 6403] memfd_create("syzkaller", 0) = 3 [pid 6402] <... munmap resumed>) = 0 [pid 6401] <... munmap resumed>) = 0 [pid 5077] close(3 [pid 6403] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6402] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6401] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... close resumed>) = 0 [pid 6403] <... mmap resumed>) = 0x7f3feae00000 [pid 6402] <... openat resumed>) = 4 [pid 6401] <... openat resumed>) = 4 [pid 5077] rmdir("./261" [pid 6402] ioctl(4, LOOP_SET_FD, 3 [pid 6401] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... rmdir resumed>) = 0 [pid 6402] <... ioctl resumed>) = 0 [pid 5077] mkdir("./262", 0777) = 0 [pid 6403] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6402] close(3 [pid 6401] <... ioctl resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6402] <... close resumed>) = 0 [pid 6401] close(3) = 0 [pid 6402] close(4 [pid 6401] close(4 [pid 6402] <... close resumed>) = 0 [pid 6401] <... close resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 6402] mkdir("./file0", 0777 [pid 6401] mkdir("./file0", 0777 [pid 6402] <... mkdir resumed>) = 0 [pid 6401] <... mkdir resumed>) = 0 [pid 5080] close(3) = 0 [pid 6402] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 265.990513][ T6402] loop0: detected capacity change from 0 to 4096 [ 265.997545][ T6401] loop2: detected capacity change from 0 to 4096 [pid 6401] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6403] <... write resumed>) = 2097152 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6404 ./strace-static-x86_64: Process 6404 attached [pid 6404] set_robust_list(0x555556d3f660, 24) = 0 [pid 6404] chdir("./259") = 0 [pid 6404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6404] setpgid(0, 0) = 0 [pid 6404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6403] munmap(0x7f3feae00000, 138412032 [pid 6404] <... openat resumed>) = 3 [pid 6404] write(3, "1000", 4) = 4 [pid 6404] close(3) = 0 [pid 6404] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6403] <... munmap resumed>) = 0 [ 266.053038][ T6401] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 266.070580][ T6402] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6404] memfd_create("syzkaller", 0) = 3 [pid 6404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6401] <... mount resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3 [pid 6401] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5077] <... close resumed>) = 0 [pid 6403] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6401] chdir("./file0" [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6401] <... chdir resumed>) = 0 [pid 6403] <... openat resumed>) = 4 [pid 6401] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6405 attached [pid 6401] exit_group(0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6405 [pid 6403] ioctl(4, LOOP_SET_FD, 3 [pid 6401] <... exit_group resumed>) = ? [pid 6405] set_robust_list(0x555556d3f660, 24 [pid 6403] <... ioctl resumed>) = 0 [pid 6405] <... set_robust_list resumed>) = 0 [pid 6401] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6401, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 6405] chdir("./262") = 0 [pid 6405] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6403] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6405] setpgid(0, 0 [pid 6403] <... close resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 6405] <... setpgid resumed>) = 0 [pid 6403] close(4 [pid 5078] newfstatat(3, "", [pid 6405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6403] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6405] <... openat resumed>) = 3 [pid 6403] mkdir("./file0", 0777 [pid 5078] getdents64(3, [pid 6405] write(3, "1000", 4) = 4 [pid 6405] close(3 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6405] <... close resumed>) = 0 [pid 6403] <... mkdir resumed>) = 0 [pid 5078] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6403] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [ 266.151094][ T6403] loop3: detected capacity change from 0 to 4096 [pid 6405] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6405] <... symlink resumed>) = 0 [pid 6405] memfd_create("syzkaller", 0) = 3 [pid 6405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./263/binderfs" [pid 6402] <... mount resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6402] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6402] chdir("./file0") = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 6402] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6402] exit_group(0) = ? [pid 5078] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./263/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 266.194075][ T6403] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5078] openat(AT_FDCWD, "./263/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6404] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6403] <... mount resumed>) = 0 [pid 6402] +++ exited with 0 +++ [pid 5078] <... openat resumed>) = 4 [pid 6403] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] newfstatat(4, "", [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6402, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5078] getdents64(4, [pid 5076] <... restart_syscall resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, [pid 6403] <... openat resumed>) = 3 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6403] chdir("./file0" [pid 5078] close(4 [pid 5076] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6403] <... chdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6403] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] rmdir("./263/file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6403] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6403] exit_group(0 [pid 5076] newfstatat(3, "", [pid 5078] getdents64(3, [pid 6403] <... exit_group resumed>) = ? [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] close(3 [pid 5076] getdents64(3, [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./263" [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6403] +++ exited with 0 +++ [pid 5078] <... rmdir resumed>) = 0 [pid 5076] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6403, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5078] mkdir("./264", 0777 [pid 5079] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... mkdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] newfstatat(AT_FDCWD, "./259/binderfs", [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] getdents64(3, [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] unlink("./259/binderfs" [pid 5079] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6405] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] newfstatat(AT_FDCWD, "./260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./260/binderfs") = 0 [pid 5079] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5079] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./260/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./260/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... umount2 resumed>) = 0 [pid 5079] getdents64(4, [pid 5076] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] close(4) = 0 [pid 5079] rmdir("./260/file0") = 0 [pid 5079] getdents64(3, [pid 5076] newfstatat(AT_FDCWD, "./259/file0", [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6404] <... write resumed>) = 2097152 [pid 5079] close(3 [pid 5076] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./260" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6404] munmap(0x7f3feae00000, 138412032) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./259/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] mkdir("./261", 0777 [pid 5076] <... openat resumed>) = 4 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6404] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6404] <... openat resumed>) = 4 [pid 5076] getdents64(4, [pid 6404] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6405] <... write resumed>) = 2097152 [pid 5078] close(3 [pid 5076] getdents64(4, [pid 6405] munmap(0x7f3feae00000, 138412032 [pid 5078] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] close(4 [pid 6404] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6406 attached [pid 6405] <... munmap resumed>) = 0 [pid 6404] close(3 [pid 5076] <... close resumed>) = 0 [pid 6406] set_robust_list(0x555556d3f660, 24 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6406 [pid 5076] rmdir("./259/file0" [pid 6406] <... set_robust_list resumed>) = 0 [pid 6406] chdir("./264" [pid 5076] <... rmdir resumed>) = 0 [pid 6406] <... chdir resumed>) = 0 [pid 5076] getdents64(3, [pid 6406] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6405] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6406] <... prctl resumed>) = 0 [pid 6405] <... openat resumed>) = 4 [pid 6406] setpgid(0, 0 [pid 6405] ioctl(4, LOOP_SET_FD, 3 [pid 5076] close(3 [pid 6406] <... setpgid resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./259" [pid 6406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6404] <... close resumed>) = 0 [pid 6406] <... openat resumed>) = 3 [pid 6404] close(4 [pid 5076] <... rmdir resumed>) = 0 [pid 6406] write(3, "1000", 4 [pid 6404] <... close resumed>) = 0 [pid 6406] <... write resumed>) = 4 [pid 6404] mkdir("./file0", 0777 [pid 6406] close(3 [pid 6404] <... mkdir resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 6406] <... close resumed>) = 0 [ 266.406539][ T6404] loop4: detected capacity change from 0 to 4096 [ 266.443273][ T6405] loop1: detected capacity change from 0 to 4096 [pid 6405] <... ioctl resumed>) = 0 [pid 5076] mkdir("./260", 0777 [pid 6406] symlink("/dev/binderfs", "./binderfs" [pid 6404] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6406] <... symlink resumed>) = 0 [pid 6405] close(3 [pid 5079] close(3 [pid 5076] <... mkdir resumed>) = 0 [pid 6405] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6405] close(4 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6405] <... close resumed>) = 0 [pid 6406] memfd_create("syzkaller", 0 [pid 6405] mkdir("./file0", 0777 [pid 6406] <... memfd_create resumed>) = 3 [pid 6406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6405] <... mkdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6407 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6406] <... mmap resumed>) = 0x7f3feae00000 ./strace-static-x86_64: Process 6407 attached [pid 6405] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6407] set_robust_list(0x555556d3f660, 24) = 0 [pid 6407] chdir("./261") = 0 [pid 6407] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6407] setpgid(0, 0) = 0 [pid 6407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 266.473158][ T6404] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 266.506343][ T6405] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6407] write(3, "1000", 4) = 4 [pid 6407] close(3) = 0 [pid 6407] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6407] memfd_create("syzkaller", 0 [pid 6406] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6405] <... mount resumed>) = 0 [pid 6407] <... memfd_create resumed>) = 3 [pid 6407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6405] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6405] chdir("./file0") = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5076] close(3 [pid 6405] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6404] <... mount resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6404] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6405] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6408 attached [pid 6405] exit_group(0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6408 [pid 6408] set_robust_list(0x555556d3f660, 24 [pid 6404] <... openat resumed>) = 3 [pid 6408] <... set_robust_list resumed>) = 0 [pid 6404] chdir("./file0" [pid 6408] chdir("./260" [pid 6406] <... write resumed>) = 2097152 [pid 6405] <... exit_group resumed>) = ? [pid 6404] <... chdir resumed>) = 0 [pid 6404] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6408] <... chdir resumed>) = 0 [pid 6408] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6404] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6408] <... prctl resumed>) = 0 [pid 6408] setpgid(0, 0 [pid 6404] exit_group(0 [pid 6408] <... setpgid resumed>) = 0 [pid 6404] <... exit_group resumed>) = ? [pid 6408] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6404] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6404, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 6408] <... openat resumed>) = 3 [pid 6406] munmap(0x7f3feae00000, 138412032 [pid 6405] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6405, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5077] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6408] write(3, "1000", 4 [pid 6407] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6406] <... munmap resumed>) = 0 [pid 5080] umount2("./259", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6408] <... write resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 3 [pid 6408] close(3 [pid 5080] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] newfstatat(3, "", [pid 6408] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6408] symlink("/dev/binderfs", "./binderfs" [pid 5080] newfstatat(3, "", [pid 5077] getdents64(3, [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6408] <... symlink resumed>) = 0 [pid 5080] getdents64(3, [pid 5077] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./259/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./262/binderfs", [pid 6406] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6406] <... openat resumed>) = 4 [pid 5080] newfstatat(AT_FDCWD, "./259/binderfs", [pid 5077] unlink("./262/binderfs" [pid 6406] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5077] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6408] memfd_create("syzkaller", 0 [pid 6406] <... ioctl resumed>) = 0 [pid 6408] <... memfd_create resumed>) = 3 [pid 5080] unlink("./259/binderfs" [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... unlink resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6408] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6406] close(3 [pid 5080] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./262/file0", [pid 6408] <... mmap resumed>) = 0x7f3feae00000 [pid 6406] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6406] close(4 [pid 5080] <... umount2 resumed>) = 0 [pid 5077] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./262/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6406] <... close resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 6406] mkdir("./file0", 0777 [pid 5080] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(4, "", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [pid 6406] <... mkdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 6406] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] newfstatat(AT_FDCWD, "./259/file0", [ 266.716590][ T6406] loop2: detected capacity change from 0 to 4096 [pid 5077] rmdir("./262/file0" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./262" [pid 6407] <... write resumed>) = 2097152 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./263", 0777 [pid 5080] umount2("./259/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... mkdir resumed>) = 0 [pid 6407] munmap(0x7f3feae00000, 138412032 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6407] <... munmap resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./259/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... openat resumed>) = 4 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6407] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] getdents64(4, [pid 6407] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [ 266.771516][ T6406] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5080] close(4 [pid 6407] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./259/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./259" [pid 6408] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... rmdir resumed>) = 0 [pid 6407] <... ioctl resumed>) = 0 [pid 5080] mkdir("./260", 0777 [pid 6407] close(3) = 0 [pid 6407] close(4) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6407] mkdir("./file0", 0777 [pid 5080] <... openat resumed>) = 3 [ 266.817775][ T6407] loop3: detected capacity change from 0 to 4096 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6407] <... mkdir resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6407] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6408] <... write resumed>) = 2097152 [pid 6408] munmap(0x7f3feae00000, 138412032 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6409 ./strace-static-x86_64: Process 6409 attached [pid 6408] <... munmap resumed>) = 0 [pid 6409] set_robust_list(0x555556d3f660, 24) = 0 [pid 6409] chdir("./263" [pid 6408] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6409] <... chdir resumed>) = 0 [pid 6408] <... openat resumed>) = 4 [pid 6409] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6408] ioctl(4, LOOP_SET_FD, 3 [pid 6409] <... prctl resumed>) = 0 [ 266.900147][ T6407] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6409] setpgid(0, 0) = 0 [pid 6409] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6409] write(3, "1000", 4) = 4 [pid 6408] <... ioctl resumed>) = 0 [pid 6406] <... mount resumed>) = 0 [pid 6409] close(3 [pid 6408] close(3 [pid 5080] <... ioctl resumed>) = 0 [pid 6409] <... close resumed>) = 0 [pid 6408] <... close resumed>) = 0 [pid 6409] symlink("/dev/binderfs", "./binderfs" [pid 6408] close(4 [pid 6409] <... symlink resumed>) = 0 [pid 6408] <... close resumed>) = 0 [pid 6406] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] close(3 [pid 6408] mkdir("./file0", 0777 [pid 6409] memfd_create("syzkaller", 0 [pid 6408] <... mkdir resumed>) = 0 [pid 6406] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 6406] chdir("./file0" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6406] <... chdir resumed>) = 0 [ 266.954672][ T6408] loop0: detected capacity change from 0 to 4096 [pid 6408] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6406] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6409] <... memfd_create resumed>) = 3 [pid 6406] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6410 [pid 6409] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6406] exit_group(0./strace-static-x86_64: Process 6410 attached [pid 6409] <... mmap resumed>) = 0x7f3feae00000 [pid 6406] <... exit_group resumed>) = ? [pid 6410] set_robust_list(0x555556d3f660, 24 [pid 6406] +++ exited with 0 +++ [pid 6410] <... set_robust_list resumed>) = 0 [pid 6410] chdir("./260") = 0 [pid 6410] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6410] setpgid(0, 0) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6406, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6410] write(3, "1000", 4) = 4 [pid 6410] close(3 [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 6410] <... close resumed>) = 0 [pid 6410] symlink("/dev/binderfs", "./binderfs" [pid 6407] <... mount resumed>) = 0 [pid 5078] <... restart_syscall resumed>) = 0 [pid 6410] <... symlink resumed>) = 0 [pid 6407] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6410] memfd_create("syzkaller", 0 [pid 6407] <... openat resumed>) = 3 [pid 5078] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6407] chdir("./file0" [pid 5078] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6407] <... chdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 6407] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5078] newfstatat(3, "", [pid 6407] exit_group(0 [pid 6410] <... memfd_create resumed>) = 3 [pid 6407] <... exit_group resumed>) = ? [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 267.023448][ T6408] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6407] +++ exited with 0 +++ [pid 6410] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] getdents64(3, [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6407, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(3, "", [pid 5078] newfstatat(AT_FDCWD, "./264/binderfs", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] unlink("./264/binderfs") = 0 [pid 5078] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6408] <... mount resumed>) = 0 [pid 5079] unlink("./261/binderfs") = 0 [pid 6408] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6408] chdir("./file0") = 0 [pid 6408] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6410] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6409] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6408] exit_group(0 [pid 5078] <... umount2 resumed>) = 0 [pid 6408] <... exit_group resumed>) = ? [pid 5079] <... umount2 resumed>) = 0 [pid 5078] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6408] +++ exited with 0 +++ [pid 5079] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./264/file0", [pid 5079] newfstatat(AT_FDCWD, "./261/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6408, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5079] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... restart_syscall resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./261/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... openat resumed>) = 4 [pid 5078] openat(AT_FDCWD, "./264/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5076] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] getdents64(4, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] newfstatat(4, "", [pid 5076] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(4, [pid 5076] <... openat resumed>) = 3 [pid 5079] close(4 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] newfstatat(3, "", [pid 5079] <... close resumed>) = 0 [pid 5078] getdents64(4, [pid 5079] rmdir("./261/file0" [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5079] <... rmdir resumed>) = 0 [pid 5078] close(4 [pid 5079] getdents64(3, [pid 5078] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] rmdir("./264/file0" [pid 5076] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] close(3) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] rmdir("./261" [pid 5078] getdents64(3, [pid 5076] newfstatat(AT_FDCWD, "./260/binderfs", [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] mkdir("./262", 0777 [pid 5078] close(3 [pid 5076] unlink("./260/binderfs") = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5076] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] rmdir("./264" [pid 5079] <... openat resumed>) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] mkdir("./265", 0777) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] newfstatat(AT_FDCWD, "./260/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./260/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 6409] <... write resumed>) = 2097152 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 6410] <... write resumed>) = 2097152 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./260/file0" [pid 6409] munmap(0x7f3feae00000, 138412032 [pid 6410] munmap(0x7f3feae00000, 138412032 [pid 6409] <... munmap resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 6409] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6409] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... close resumed>) = 0 [pid 6409] <... ioctl resumed>) = 0 [pid 5076] rmdir("./260" [pid 6410] <... munmap resumed>) = 0 [pid 6410] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5076] <... rmdir resumed>) = 0 [pid 6410] ioctl(4, LOOP_SET_FD, 3 [pid 5076] mkdir("./261", 0777 [pid 6409] close(3) = 0 [pid 6409] close(4) = 0 [pid 6409] mkdir("./file0", 0777) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 6409] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 6410] <... ioctl resumed>) = 0 [pid 6410] close(3) = 0 [pid 6410] close(4) = 0 [pid 6410] mkdir("./file0", 0777) = 0 [ 267.259893][ T6409] loop1: detected capacity change from 0 to 4096 [ 267.273496][ T6410] loop4: detected capacity change from 0 to 4096 [ 267.296913][ T6409] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6410] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5079] close(3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... close resumed>) = 0 ./strace-static-x86_64: Process 6411 attached [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6411 ./strace-static-x86_64: Process 6412 attached [pid 6411] set_robust_list(0x555556d3f660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6412 [pid 6411] <... set_robust_list resumed>) = 0 [ 267.320314][ T6410] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6411] chdir("./265" [pid 6412] set_robust_list(0x555556d3f660, 24 [pid 6411] <... chdir resumed>) = 0 [pid 6412] <... set_robust_list resumed>) = 0 [pid 6411] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6412] chdir("./262" [pid 6411] setpgid(0, 0 [pid 6412] <... chdir resumed>) = 0 [pid 6411] <... setpgid resumed>) = 0 [pid 6410] <... mount resumed>) = 0 [pid 6412] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6410] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6412] <... prctl resumed>) = 0 [pid 6411] <... openat resumed>) = 3 [pid 6410] <... openat resumed>) = 3 [pid 6412] setpgid(0, 0 [pid 6411] write(3, "1000", 4 [pid 6410] chdir("./file0" [pid 6411] <... write resumed>) = 4 [pid 6410] <... chdir resumed>) = 0 [pid 6411] close(3 [pid 6410] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6412] <... setpgid resumed>) = 0 [pid 6411] <... close resumed>) = 0 [pid 6410] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... ioctl resumed>) = 0 [pid 6412] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6411] symlink("/dev/binderfs", "./binderfs" [pid 6410] exit_group(0 [pid 6412] <... openat resumed>) = 3 [pid 6411] <... symlink resumed>) = 0 [pid 6410] <... exit_group resumed>) = ? [pid 5076] close(3 [pid 6412] write(3, "1000", 4 [pid 6411] memfd_create("syzkaller", 0 [pid 6410] +++ exited with 0 +++ [pid 5076] <... close resumed>) = 0 [pid 6412] <... write resumed>) = 4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6410, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6412] close(3) = 0 [pid 6412] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] umount2("./260", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6412] memfd_create("syzkaller", 0 [pid 6411] <... memfd_create resumed>) = 3 [pid 6409] <... mount resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6409] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6413 attached [pid 6411] <... mmap resumed>) = 0x7f3feae00000 [pid 6409] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6409] chdir("./file0" [pid 5080] getdents64(3, [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6413 [pid 6413] set_robust_list(0x555556d3f660, 24 [pid 6412] <... memfd_create resumed>) = 3 [pid 6409] <... chdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6413] <... set_robust_list resumed>) = 0 [pid 6412] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6409] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] umount2("./260/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6413] chdir("./261" [pid 6412] <... mmap resumed>) = 0x7f3feae00000 [pid 6409] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6413] <... chdir resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6413] setpgid(0, 0) = 0 [pid 6409] exit_group(0 [pid 5080] unlink("./260/binderfs" [pid 6413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] <... unlink resumed>) = 0 [pid 6413] write(3, "1000", 4 [pid 6409] <... exit_group resumed>) = ? [pid 5080] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6413] <... write resumed>) = 4 [pid 6413] close(3 [pid 6409] +++ exited with 0 +++ [pid 6413] <... close resumed>) = 0 [pid 6413] symlink("/dev/binderfs", "./binderfs" [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6409, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5077] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6413] <... symlink resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6413] memfd_create("syzkaller", 0 [pid 5077] newfstatat(3, "", [pid 5080] <... umount2 resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6413] <... memfd_create resumed>) = 3 [pid 5080] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 6413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6411] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6413] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] newfstatat(AT_FDCWD, "./260/file0", [pid 5077] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./263/binderfs" [pid 5080] umount2("./260/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... unlink resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "./260/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./260/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./260") = 0 [pid 5080] mkdir("./261", 0777) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5077] newfstatat(AT_FDCWD, "./263/file0", [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] close(3 [pid 5077] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] openat(AT_FDCWD, "./263/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6414 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6414 attached [pid 5077] getdents64(4, [pid 6414] set_robust_list(0x555556d3f660, 24 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6414] <... set_robust_list resumed>) = 0 [pid 5077] close(4 [pid 6414] chdir("./261" [pid 5077] <... close resumed>) = 0 [pid 6414] <... chdir resumed>) = 0 [pid 5077] rmdir("./263/file0" [pid 6414] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... rmdir resumed>) = 0 [pid 6414] <... prctl resumed>) = 0 [pid 6414] setpgid(0, 0) = 0 [pid 6414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] getdents64(3, [pid 6414] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6414] write(3, "1000", 4) = 4 [pid 5077] close(3 [pid 6414] close(3 [pid 5077] <... close resumed>) = 0 [pid 6414] <... close resumed>) = 0 [pid 6412] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] rmdir("./263" [pid 6414] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... rmdir resumed>) = 0 [pid 6414] <... symlink resumed>) = 0 [pid 5077] mkdir("./264", 0777 [pid 6414] memfd_create("syzkaller", 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6414] <... memfd_create resumed>) = 3 [pid 6414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6413] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6411] <... write resumed>) = 2097152 [pid 6411] munmap(0x7f3feae00000, 138412032) = 0 [pid 6411] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6411] ioctl(4, LOOP_SET_FD, 3 [pid 6413] <... write resumed>) = 2097152 [pid 6413] munmap(0x7f3feae00000, 138412032 [pid 5077] <... ioctl resumed>) = 0 [pid 6413] <... munmap resumed>) = 0 [pid 6411] <... ioctl resumed>) = 0 [pid 6411] close(3) = 0 [pid 6411] close(4 [ 267.697434][ T6411] loop2: detected capacity change from 0 to 4096 [pid 5077] close(3 [pid 6413] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6412] <... write resumed>) = 2097152 [pid 6411] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6411] mkdir("./file0", 0777 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6411] <... mkdir resumed>) = 0 [pid 6413] <... openat resumed>) = 4 [pid 6411] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6413] ioctl(4, LOOP_SET_FD, 3 [pid 6412] munmap(0x7f3feae00000, 138412032 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6415 [pid 6412] <... munmap resumed>) = 0 [pid 6414] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6412] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 6415 attached ) = 4 [pid 6415] set_robust_list(0x555556d3f660, 24 [pid 6412] ioctl(4, LOOP_SET_FD, 3 [pid 6415] <... set_robust_list resumed>) = 0 [pid 6415] chdir("./264" [pid 6412] <... ioctl resumed>) = 0 [pid 6415] <... chdir resumed>) = 0 [pid 6413] <... ioctl resumed>) = 0 [pid 6415] prctl(PR_SET_PDEATHSIG, SIGKILL [ 267.763679][ T6413] loop0: detected capacity change from 0 to 4096 [ 267.782093][ T6411] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 267.790557][ T6412] loop3: detected capacity change from 0 to 4096 [pid 6413] close(3 [pid 6415] <... prctl resumed>) = 0 [pid 6413] <... close resumed>) = 0 [pid 6415] setpgid(0, 0 [pid 6413] close(4) = 0 [pid 6413] mkdir("./file0", 0777 [pid 6415] <... setpgid resumed>) = 0 [pid 6413] <... mkdir resumed>) = 0 [pid 6413] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6412] close(3) = 0 [pid 6412] close(4) = 0 [pid 6415] write(3, "1000", 4) = 4 [pid 6415] close(3) = 0 [pid 6412] mkdir("./file0", 0777 [pid 6415] symlink("/dev/binderfs", "./binderfs" [pid 6412] <... mkdir resumed>) = 0 [pid 6415] <... symlink resumed>) = 0 [pid 6414] <... write resumed>) = 2097152 [pid 6412] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6415] memfd_create("syzkaller", 0 [pid 6414] munmap(0x7f3feae00000, 138412032) = 0 [pid 6415] <... memfd_create resumed>) = 3 [ 267.824773][ T6413] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 267.848176][ T6412] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6414] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6414] ioctl(4, LOOP_SET_FD, 3 [pid 6415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6414] <... ioctl resumed>) = 0 [pid 6414] close(3) = 0 [pid 6414] close(4) = 0 [pid 6414] mkdir("./file0", 0777) = 0 [pid 6412] <... mount resumed>) = 0 [ 267.877458][ T6414] loop4: detected capacity change from 0 to 4096 [pid 6414] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6411] <... mount resumed>) = 0 [pid 6411] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6412] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6411] <... openat resumed>) = 3 [pid 6412] <... openat resumed>) = 3 [pid 6412] chdir("./file0" [pid 6411] chdir("./file0") = 0 [pid 6412] <... chdir resumed>) = 0 [pid 6412] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6411] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6412] exit_group(0 [pid 6411] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6411] exit_group(0) = ? [pid 6412] <... exit_group resumed>) = ? [pid 6411] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6411, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5078] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6412] +++ exited with 0 +++ [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6412, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=9 /* 0.09 s */} --- [pid 5078] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6413] <... mount resumed>) = 0 [pid 5079] restart_syscall(<... resuming interrupted clone ...> [ 267.932568][ T6414] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5078] unlink("./265/binderfs" [pid 5079] <... restart_syscall resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6413] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6413] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5078] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] newfstatat(3, "", [pid 6413] chdir("./file0" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6413] <... chdir resumed>) = 0 [pid 5079] getdents64(3, [pid 5078] newfstatat(AT_FDCWD, "./265/file0", [pid 6413] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6413] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6413] exit_group(0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./262/binderfs", [pid 6413] <... exit_group resumed>) = ? [pid 6413] +++ exited with 0 +++ [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./262/binderfs" [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6413, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6415] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... unlink resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./265/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... openat resumed>) = 4 [pid 5076] <... openat resumed>) = 3 [pid 5078] newfstatat(4, "", [pid 5076] newfstatat(3, "", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./261/binderfs" [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./265/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./265" [pid 5079] <... umount2 resumed>) = 0 [pid 6414] <... mount resumed>) = 0 [pid 5079] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] newfstatat(AT_FDCWD, "./262/file0", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6414] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] mkdir("./266", 0777 [pid 5076] newfstatat(AT_FDCWD, "./261/file0", [pid 5079] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6414] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] openat(AT_FDCWD, "./262/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6414] chdir("./file0" [pid 5079] <... openat resumed>) = 4 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(4, "", [pid 5076] openat(AT_FDCWD, "./261/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6414] <... chdir resumed>) = 0 [pid 5079] getdents64(4, [pid 5078] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 4 [pid 6414] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] newfstatat(4, "", [pid 6414] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] getdents64(4, [pid 6414] exit_group(0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6414] <... exit_group resumed>) = ? [pid 5079] close(4 [pid 6414] +++ exited with 0 +++ [pid 5076] getdents64(4, [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6414, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5079] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] rmdir("./262/file0" [pid 5076] getdents64(4, [pid 5079] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] umount2("./261", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] getdents64(3, [pid 5076] <... close resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] rmdir("./261/file0" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] close(3 [pid 5076] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5080] umount2("./261/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] rmdir("./262" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./261/binderfs", [pid 5076] close(3 [pid 5079] mkdir("./263", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] unlink("./261/binderfs" [pid 5076] rmdir("./261" [pid 5080] <... unlink resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] <... rmdir resumed>) = 0 [pid 6415] <... write resumed>) = 2097152 [pid 5076] mkdir("./262", 0777) = 0 [pid 6415] munmap(0x7f3feae00000, 138412032 [pid 5080] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6415] <... munmap resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6415] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... umount2 resumed>) = 0 [pid 5078] close(3 [pid 5080] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] newfstatat(AT_FDCWD, "./261/file0", [pid 6415] <... openat resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6415] ioctl(4, LOOP_SET_FD, 3 [pid 5080] umount2("./261/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6416 [pid 5080] openat(AT_FDCWD, "./261/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6415] <... ioctl resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 6415] close(3) = 0 [pid 6415] close(4) = 0 ./strace-static-x86_64: Process 6416 attached [pid 6415] mkdir("./file0", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 6416] set_robust_list(0x555556d3f660, 24 [pid 6415] <... mkdir resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] close(3 [pid 6416] <... set_robust_list resumed>) = 0 [pid 6415] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6416] chdir("./266" [pid 5079] <... close resumed>) = 0 [pid 5080] getdents64(4, [pid 6416] <... chdir resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 6416] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... close resumed>) = 0 [pid 6416] <... prctl resumed>) = 0 [pid 5080] rmdir("./261/file0" [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6417 [pid 6416] setpgid(0, 0) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6416] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3./strace-static-x86_64: Process 6417 attached [pid 6416] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 6417] set_robust_list(0x555556d3f660, 24) = 0 [pid 6417] chdir("./263") = 0 [pid 6416] write(3, "1000", 4 [pid 5080] rmdir("./261" [pid 6417] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... rmdir resumed>) = 0 [pid 6417] <... prctl resumed>) = 0 [pid 6416] <... write resumed>) = 4 [pid 6417] setpgid(0, 0 [pid 6416] close(3 [pid 5080] mkdir("./262", 0777 [pid 6416] <... close resumed>) = 0 [pid 6416] symlink("/dev/binderfs", "./binderfs" [pid 6417] <... setpgid resumed>) = 0 [pid 6417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6416] <... symlink resumed>) = 0 [ 268.163258][ T6415] loop1: detected capacity change from 0 to 4096 [ 268.197541][ T6415] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6417] write(3, "1000", 4) = 4 [pid 5080] <... mkdir resumed>) = 0 [pid 6417] close(3) = 0 [pid 6417] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6417] memfd_create("syzkaller", 0 [pid 6416] memfd_create("syzkaller", 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6416] <... memfd_create resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6417] <... memfd_create resumed>) = 3 [pid 6416] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] <... ioctl resumed>) = 0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6415] <... mount resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6418 ./strace-static-x86_64: Process 6418 attached [pid 6415] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6418] set_robust_list(0x555556d3f660, 24) = 0 [pid 6418] chdir("./262") = 0 [pid 6418] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6418] setpgid(0, 0) = 0 [pid 6418] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6418] write(3, "1000", 4 [pid 6415] <... openat resumed>) = 3 [pid 6415] chdir("./file0" [pid 6418] <... write resumed>) = 4 [pid 6418] close(3 [pid 6415] <... chdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 6418] <... close resumed>) = 0 [pid 6415] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6418] symlink("/dev/binderfs", "./binderfs" [pid 6417] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6416] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6415] exit_group(0 [pid 6418] <... symlink resumed>) = 0 [pid 6415] <... exit_group resumed>) = ? [pid 6418] memfd_create("syzkaller", 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6418] <... memfd_create resumed>) = 3 [pid 6418] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6415] +++ exited with 0 +++ ./strace-static-x86_64: Process 6419 attached [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6419 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6415, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 6419] set_robust_list(0x555556d3f660, 24) = 0 [pid 6419] chdir("./262" [pid 5077] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6419] <... chdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6419] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6419] <... prctl resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 6419] setpgid(0, 0) = 0 [pid 5077] newfstatat(3, "", [pid 6419] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6419] <... openat resumed>) = 3 [pid 5077] getdents64(3, [pid 6419] write(3, "1000", 4 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6419] <... write resumed>) = 4 [pid 6419] close(3 [pid 5077] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6419] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6419] symlink("/dev/binderfs", "./binderfs" [pid 5077] newfstatat(AT_FDCWD, "./264/binderfs", [pid 6419] <... symlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6419] memfd_create("syzkaller", 0 [pid 5077] unlink("./264/binderfs") = 0 [pid 5077] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6419] <... memfd_create resumed>) = 3 [pid 6416] <... write resumed>) = 2097152 [pid 5077] <... umount2 resumed>) = 0 [pid 6419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6416] munmap(0x7f3feae00000, 138412032 [pid 5077] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6419] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6416] <... munmap resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./264/file0", [pid 6417] <... write resumed>) = 2097152 [pid 6416] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6417] munmap(0x7f3feae00000, 138412032 [pid 6416] <... openat resumed>) = 4 [pid 5077] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6416] ioctl(4, LOOP_SET_FD, 3 [pid 5077] openat(AT_FDCWD, "./264/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", [pid 6417] <... munmap resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6418] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6417] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6416] <... ioctl resumed>) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6416] close(3) = 0 [pid 6416] close(4) = 0 [pid 5077] getdents64(4, [pid 6417] <... openat resumed>) = 4 [pid 6416] mkdir("./file0", 0777 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./264/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./264") = 0 [pid 6416] <... mkdir resumed>) = 0 [ 268.440057][ T6416] loop2: detected capacity change from 0 to 4096 [pid 6417] ioctl(4, LOOP_SET_FD, 3 [pid 6416] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5077] mkdir("./265", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6419] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6418] <... write resumed>) = 2097152 [pid 6417] <... ioctl resumed>) = 0 [pid 6417] close(3) = 0 [pid 6417] close(4) = 0 [pid 6418] munmap(0x7f3feae00000, 138412032 [pid 6417] mkdir("./file0", 0777) = 0 [ 268.482104][ T6417] loop3: detected capacity change from 0 to 4096 [ 268.496204][ T6416] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6417] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6418] <... munmap resumed>) = 0 [pid 6418] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6418] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6418] close(3) = 0 [pid 6418] close(4) = 0 [pid 6418] mkdir("./file0", 0777) = 0 [pid 6418] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5077] <... ioctl resumed>) = 0 [pid 6417] <... mount resumed>) = 0 [pid 6416] <... mount resumed>) = 0 [ 268.529445][ T6417] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 268.564903][ T6418] loop0: detected capacity change from 0 to 4096 [pid 6417] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6416] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6417] <... openat resumed>) = 3 [pid 6416] <... openat resumed>) = 3 [pid 6417] chdir("./file0" [pid 6416] chdir("./file0" [pid 6417] <... chdir resumed>) = 0 [pid 6416] <... chdir resumed>) = 0 [pid 6417] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6416] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6417] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6416] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] close(3 [pid 6419] <... write resumed>) = 2097152 [pid 6417] exit_group(0 [pid 6416] exit_group(0 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6419] munmap(0x7f3feae00000, 138412032 [pid 6417] <... exit_group resumed>) = ? [pid 6416] <... exit_group resumed>) = ? [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6420 [pid 6416] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6416, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 ./strace-static-x86_64: Process 6420 attached [pid 6420] set_robust_list(0x555556d3f660, 24) = 0 [pid 5078] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6420] chdir("./265" [pid 6417] +++ exited with 0 +++ [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6420] <... chdir resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6417, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5078] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6420] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 6420] <... prctl resumed>) = 0 [pid 5079] <... restart_syscall resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 6420] setpgid(0, 0 [pid 6419] <... munmap resumed>) = 0 [pid 5078] newfstatat(3, "", [pid 6420] <... setpgid resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6420] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 268.605860][ T6418] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6420] <... openat resumed>) = 3 [pid 6419] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] newfstatat(3, "", [pid 5078] newfstatat(AT_FDCWD, "./266/binderfs", [pid 6420] write(3, "1000", 4) = 4 [pid 6419] <... openat resumed>) = 4 [pid 6420] close(3 [pid 6419] ioctl(4, LOOP_SET_FD, 3 [pid 6420] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] getdents64(3, [pid 5078] unlink("./266/binderfs" [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... unlink resumed>) = 0 [pid 5079] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6420] symlink("/dev/binderfs", "./binderfs" [pid 5079] newfstatat(AT_FDCWD, "./263/binderfs", [pid 5078] <... umount2 resumed>) = 0 [pid 6420] <... symlink resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./263/binderfs") = 0 [pid 5079] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6419] <... ioctl resumed>) = 0 [pid 6420] memfd_create("syzkaller", 0 [pid 6419] close(3 [pid 6420] <... memfd_create resumed>) = 3 [pid 6419] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 6420] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6419] close(4 [pid 5078] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6420] <... mmap resumed>) = 0x7f3feae00000 [pid 6419] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./266/file0", [pid 6419] mkdir("./file0", 0777 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6419] <... mkdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./266/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6419] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] newfstatat(AT_FDCWD, "./263/file0", [pid 5078] <... openat resumed>) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(4, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] openat(AT_FDCWD, "./263/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] getdents64(4, [pid 5079] <... openat resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] newfstatat(4, "", [pid 5078] getdents64(4, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./266/file0" [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... rmdir resumed>) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(3, [pid 5079] close(4) = 0 [pid 5079] rmdir("./263/file0" [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] close(3) = 0 [pid 5079] getdents64(3, [pid 5078] rmdir("./266") = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] mkdir("./267", 0777 [pid 5079] close(3 [pid 5078] <... mkdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [ 268.672549][ T6419] loop4: detected capacity change from 0 to 4096 [ 268.709820][ T6419] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5079] rmdir("./263") = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] mkdir("./264", 0777 [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] <... mkdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6419] <... mount resumed>) = 0 [pid 6418] <... mount resumed>) = 0 [pid 6419] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6418] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6419] <... openat resumed>) = 3 [pid 6418] <... openat resumed>) = 3 [pid 6419] chdir("./file0" [pid 6418] chdir("./file0" [pid 6419] <... chdir resumed>) = 0 [pid 6418] <... chdir resumed>) = 0 [pid 6419] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6418] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6419] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6418] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6419] exit_group(0 [pid 6418] exit_group(0 [pid 6420] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6419] <... exit_group resumed>) = ? [pid 6418] <... exit_group resumed>) = ? [pid 6419] +++ exited with 0 +++ [pid 6418] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6418, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6419, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5080] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./262/binderfs") = 0 [pid 5080] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./262", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6420] <... write resumed>) = 2097152 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 6420] munmap(0x7f3feae00000, 138412032 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./262/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6420] <... munmap resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6420] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] unlink("./262/binderfs" [pid 6420] <... openat resumed>) = 4 [pid 5080] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] close(3 [pid 5078] close(3 [pid 6420] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./262/file0", [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "./262/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6421 attached ) = 4 [pid 6421] set_robust_list(0x555556d3f660, 24 [pid 5080] newfstatat(4, "", [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6421 [pid 6421] <... set_robust_list resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6421] chdir("./264" [pid 5080] getdents64(4, [pid 6421] <... chdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6421] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] getdents64(4, [pid 6421] <... prctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6421] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 6422 attached [pid 5080] close(4 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6422 [pid 5076] <... umount2 resumed>) = 0 [pid 6421] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... close resumed>) = 0 [pid 6422] set_robust_list(0x555556d3f660, 24 [pid 6421] <... openat resumed>) = 3 [pid 5080] rmdir("./262/file0" [pid 5076] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6422] <... set_robust_list resumed>) = 0 [pid 6420] <... ioctl resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6422] chdir("./267" [pid 6421] write(3, "1000", 4 [pid 6420] close(3 [pid 5076] newfstatat(AT_FDCWD, "./262/file0", [pid 6422] <... chdir resumed>) = 0 [pid 6421] <... write resumed>) = 4 [pid 6420] <... close resumed>) = 0 [pid 5080] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6422] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6420] close(4 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6420] <... close resumed>) = 0 [pid 5080] close(3 [pid 6422] <... prctl resumed>) = 0 [pid 6420] mkdir("./file0", 0777 [pid 5080] <... close resumed>) = 0 [pid 6422] setpgid(0, 0 [pid 6421] close(3 [pid 5080] rmdir("./262" [pid 5076] umount2("./262/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6422] <... setpgid resumed>) = 0 [pid 6421] <... close resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6420] <... mkdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6421] symlink("/dev/binderfs", "./binderfs" [pid 6422] <... openat resumed>) = 3 [pid 6420] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] mkdir("./263", 0777 [pid 6421] <... symlink resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./262/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6422] write(3, "1000", 4 [pid 5076] <... openat resumed>) = 4 [pid 6422] <... write resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6421] memfd_create("syzkaller", 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6422] close(3) = 0 [pid 5076] getdents64(4, [pid 6422] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6422] memfd_create("syzkaller", 0 [pid 6421] <... memfd_create resumed>) = 3 [pid 5076] getdents64(4, [pid 6421] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6422] <... memfd_create resumed>) = 3 [pid 6422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] close(4) = 0 [pid 5076] rmdir("./262/file0") = 0 [pid 6421] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./262") = 0 [pid 5076] mkdir("./263", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 268.884477][ T6420] loop1: detected capacity change from 0 to 4096 [ 268.920782][ T6420] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6421] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6420] <... mount resumed>) = 0 [pid 6420] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6420] chdir("./file0") = 0 [pid 6420] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5080] <... ioctl resumed>) = 0 [pid 6420] exit_group(0) = ? [pid 6420] +++ exited with 0 +++ [pid 5080] close(3 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6420, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6423 attached ) = 3 [pid 6423] set_robust_list(0x555556d3f660, 24 [pid 5077] newfstatat(3, "", [pid 6423] <... set_robust_list resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6423 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6423] chdir("./263") = 0 [pid 5077] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6423] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6423] setpgid(0, 0) = 0 [pid 6421] <... write resumed>) = 2097152 [pid 6423] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6423] <... openat resumed>) = 3 [pid 5077] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./265/binderfs" [pid 6423] write(3, "1000", 4) = 4 [pid 6423] close(3) = 0 [pid 6422] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6421] munmap(0x7f3feae00000, 138412032 [pid 5077] <... unlink resumed>) = 0 [pid 6423] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6423] memfd_create("syzkaller", 0 [pid 5077] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6423] <... memfd_create resumed>) = 3 [pid 6421] <... munmap resumed>) = 0 [pid 6423] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] close(3 [pid 6421] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... close resumed>) = 0 [pid 6421] <... openat resumed>) = 4 [pid 5077] newfstatat(AT_FDCWD, "./265/file0", [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6421] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./265/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6424 attached [pid 6424] set_robust_list(0x555556d3f660, 24 [pid 6422] <... write resumed>) = 2097152 [pid 6421] <... ioctl resumed>) = 0 [pid 5077] getdents64(4, [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6424 [pid 6422] munmap(0x7f3feae00000, 138412032 [pid 6421] close(3 [pid 6424] <... set_robust_list resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6424] chdir("./263" [pid 6421] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 6424] <... chdir resumed>) = 0 [pid 6421] close(4 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6424] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6421] <... close resumed>) = 0 [pid 6424] <... prctl resumed>) = 0 [pid 6424] setpgid(0, 0) = 0 [pid 6424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6424] write(3, "1000", 4 [pid 6423] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6421] mkdir("./file0", 0777 [pid 5077] close(4 [pid 6424] <... write resumed>) = 4 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./265/file0" [pid 6424] close(3) = 0 [pid 6424] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6421] <... mkdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6422] <... munmap resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [ 269.106621][ T6421] loop3: detected capacity change from 0 to 4096 [pid 5077] close(3 [pid 6424] memfd_create("syzkaller", 0 [pid 6422] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6421] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5077] <... close resumed>) = 0 [pid 6422] <... openat resumed>) = 4 [pid 5077] rmdir("./265" [pid 6424] <... memfd_create resumed>) = 3 [pid 6424] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6422] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./266", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6422] <... ioctl resumed>) = 0 [pid 6422] close(3 [pid 5077] <... openat resumed>) = 3 [pid 6422] <... close resumed>) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6422] close(4) = 0 [pid 6422] mkdir("./file0", 0777) = 0 [ 269.154654][ T6422] loop2: detected capacity change from 0 to 4096 [ 269.165677][ T6421] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6422] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6423] <... write resumed>) = 2097152 [pid 6423] munmap(0x7f3feae00000, 138412032) = 0 [pid 6421] <... mount resumed>) = 0 [pid 6424] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6423] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6421] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6423] <... openat resumed>) = 4 [pid 6421] <... openat resumed>) = 3 [pid 6423] ioctl(4, LOOP_SET_FD, 3 [pid 6422] <... mount resumed>) = 0 [pid 6421] chdir("./file0" [pid 5077] <... ioctl resumed>) = 0 [pid 6421] <... chdir resumed>) = 0 [ 269.199769][ T6422] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6421] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6423] <... ioctl resumed>) = 0 [pid 6422] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6421] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] close(3) = 0 [pid 6422] <... openat resumed>) = 3 [pid 6423] close(3 [pid 6421] exit_group(0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6423] <... close resumed>) = 0 [pid 6423] close(4 [pid 6422] chdir("./file0" [pid 6421] <... exit_group resumed>) = ? [pid 6423] <... close resumed>) = 0 [pid 6422] <... chdir resumed>) = 0 [pid 6421] +++ exited with 0 +++ [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6425 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6421, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 6423] mkdir("./file0", 0777 [pid 6422] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6423] <... mkdir resumed>) = 0 [pid 6422] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 6425 attached [pid 6423] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6422] exit_group(0 [pid 6425] set_robust_list(0x555556d3f660, 24) = 0 [ 269.259558][ T6423] loop4: detected capacity change from 0 to 4096 [pid 6422] <... exit_group resumed>) = ? [pid 5079] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6425] chdir("./266" [pid 6422] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6425] <... chdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6425] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... openat resumed>) = 3 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6422, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 6425] <... prctl resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5078] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6425] setpgid(0, 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6425] <... setpgid resumed>) = 0 [pid 5079] getdents64(3, [pid 5078] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... openat resumed>) = 3 [pid 5079] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(3, "", [pid 6425] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] newfstatat(AT_FDCWD, "./264/binderfs", [pid 5078] getdents64(3, [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6425] write(3, "1000", 4 [pid 5079] unlink("./264/binderfs" [pid 5078] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6425] <... write resumed>) = 4 [pid 5079] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6425] close(3 [pid 5079] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(AT_FDCWD, "./267/binderfs", [pid 6425] <... close resumed>) = 0 [pid 6424] <... write resumed>) = 2097152 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6425] symlink("/dev/binderfs", "./binderfs" [pid 5079] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6425] <... symlink resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] unlink("./267/binderfs" [pid 5079] newfstatat(AT_FDCWD, "./264/file0", [pid 5078] <... unlink resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6425] memfd_create("syzkaller", 0 [pid 6424] munmap(0x7f3feae00000, 138412032 [pid 5079] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6425] <... memfd_create resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 269.317463][ T6423] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6425] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6423] <... mount resumed>) = 0 [pid 6425] <... mmap resumed>) = 0x7f3feae00000 [pid 6424] <... munmap resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./264/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = 0 [pid 6423] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6424] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6423] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 4 [pid 6424] <... openat resumed>) = 4 [pid 6423] chdir("./file0" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6424] ioctl(4, LOOP_SET_FD, 3 [pid 6423] <... chdir resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 6423] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6423] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] getdents64(4, [pid 6423] exit_group(0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6423] <... exit_group resumed>) = ? [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 5078] newfstatat(AT_FDCWD, "./267/file0", [pid 5079] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] rmdir("./264/file0" [pid 5078] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./267/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 6424] <... ioctl resumed>) = 0 [pid 5079] rmdir("./264" [pid 6424] close(3 [pid 6423] +++ exited with 0 +++ [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 6424] <... close resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6423, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6424] close(4 [pid 5078] newfstatat(4, "", [pid 6424] <... close resumed>) = 0 [pid 6424] mkdir("./file0", 0777 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] mkdir("./265", 0777 [pid 6424] <... mkdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... mkdir resumed>) = 0 [pid 5078] getdents64(4, [pid 6424] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5080] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5080] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./263/binderfs") = 0 [pid 5080] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5078] <... close resumed>) = 0 [pid 5080] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./263/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./263/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] rmdir("./267/file0" [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./263/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6425] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] close(3 [pid 5078] getdents64(3, [pid 5080] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 5080] rmdir("./263" [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./267" [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./268", 0777 [ 269.382779][ T6424] loop0: detected capacity change from 0 to 4096 [ 269.415294][ T6424] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5080] mkdir("./264", 0777) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 6425] <... write resumed>) = 2097152 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6425] munmap(0x7f3feae00000, 138412032 [pid 5080] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] <... ioctl resumed>) = 0 [pid 6425] <... munmap resumed>) = 0 [pid 6425] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6424] <... mount resumed>) = 0 [pid 5079] close(3 [pid 5078] <... ioctl resumed>) = 0 [pid 6425] <... openat resumed>) = 4 [pid 6425] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... close resumed>) = 0 [pid 6424] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] close(3 [pid 6424] <... openat resumed>) = 3 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... close resumed>) = 0 [pid 6424] chdir("./file0" [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6424] <... chdir resumed>) = 0 [pid 6424] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6427 ./strace-static-x86_64: Process 6426 attached [pid 6424] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6426 [pid 6424] exit_group(0) = ? ./strace-static-x86_64: Process 6427 attached [pid 6426] set_robust_list(0x555556d3f660, 24 [pid 6424] +++ exited with 0 +++ [pid 5080] <... ioctl resumed>) = 0 [pid 6427] set_robust_list(0x555556d3f660, 24 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6424, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6427] <... set_robust_list resumed>) = 0 [pid 6427] chdir("./268" [pid 5076] umount2("./263", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6427] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6427] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6427] <... prctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6427] setpgid(0, 0 [pid 5076] newfstatat(3, "", [pid 6427] <... setpgid resumed>) = 0 [pid 6427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6427] <... openat resumed>) = 3 [pid 5076] getdents64(3, [pid 6427] write(3, "1000", 4) = 4 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6427] close(3 [pid 5076] umount2("./263/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6427] <... close resumed>) = 0 [pid 6426] <... set_robust_list resumed>) = 0 [pid 6427] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6427] <... symlink resumed>) = 0 [pid 6427] memfd_create("syzkaller", 0 [pid 5076] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6425] <... ioctl resumed>) = 0 [pid 5076] unlink("./263/binderfs" [pid 6425] close(3 [pid 5076] <... unlink resumed>) = 0 [pid 6425] <... close resumed>) = 0 [pid 5076] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6425] close(4 [pid 6427] <... memfd_create resumed>) = 3 [pid 6426] chdir("./265" [pid 6425] <... close resumed>) = 0 [pid 6426] <... chdir resumed>) = 0 [pid 6425] mkdir("./file0", 0777 [pid 6427] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6425] <... mkdir resumed>) = 0 [ 269.525173][ T6425] loop1: detected capacity change from 0 to 4096 [pid 6426] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5080] close(3 [pid 6426] setpgid(0, 0 [pid 5080] <... close resumed>) = 0 [pid 6426] <... setpgid resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6427] <... mmap resumed>) = 0x7f3feae00000 [pid 6426] <... openat resumed>) = 3 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6428 [pid 6426] write(3, "1000", 4 [pid 6425] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6426] <... write resumed>) = 4 ./strace-static-x86_64: Process 6428 attached [pid 6426] close(3 [pid 5076] <... umount2 resumed>) = 0 [pid 6426] <... close resumed>) = 0 [pid 5076] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6428] set_robust_list(0x555556d3f660, 24 [pid 6426] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6428] <... set_robust_list resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./263/file0", [pid 6428] chdir("./264" [pid 6426] <... symlink resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6428] <... chdir resumed>) = 0 [pid 5076] umount2("./263/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6428] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6428] <... prctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./263/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6428] setpgid(0, 0) = 0 [pid 6428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... openat resumed>) = 4 [pid 6428] <... openat resumed>) = 3 [pid 6428] write(3, "1000", 4 [pid 5076] newfstatat(4, "", [pid 6428] <... write resumed>) = 4 [pid 6428] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6428] <... close resumed>) = 0 [pid 6428] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6428] memfd_create("syzkaller", 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./263/file0") = 0 [pid 5076] getdents64(3, [pid 6428] <... memfd_create resumed>) = 3 [pid 6426] memfd_create("syzkaller", 0 [pid 6428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./263" [pid 6426] <... memfd_create resumed>) = 3 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./264", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... openat resumed>) = 3 [pid 6426] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] ioctl(3, LOOP_CLR_FD [ 269.604975][ T6425] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6427] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6428] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6427] <... write resumed>) = 2097152 [pid 6426] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... ioctl resumed>) = 0 [pid 6427] munmap(0x7f3feae00000, 138412032 [pid 6425] <... mount resumed>) = 0 [pid 6427] <... munmap resumed>) = 0 [pid 6425] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5076] close(3) = 0 [pid 6425] chdir("./file0" [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6427] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6425] <... chdir resumed>) = 0 [pid 6427] <... openat resumed>) = 4 [pid 6425] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6425] exit_group(0 [pid 6427] ioctl(4, LOOP_SET_FD, 3 [pid 6425] <... exit_group resumed>) = ? [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6429 ./strace-static-x86_64: Process 6429 attached [pid 6425] +++ exited with 0 +++ [pid 6429] set_robust_list(0x555556d3f660, 24) = 0 [pid 6429] chdir("./264" [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6425, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5077] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6429] <... chdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6429] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] newfstatat(3, "", [pid 6429] <... prctl resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6429] setpgid(0, 0) = 0 [pid 5077] getdents64(3, [pid 6429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./266/binderfs", [pid 6426] <... write resumed>) = 2097152 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6429] <... openat resumed>) = 3 [pid 6427] <... ioctl resumed>) = 0 [pid 5077] unlink("./266/binderfs" [pid 6429] write(3, "1000", 4 [pid 6427] close(3 [pid 6426] munmap(0x7f3feae00000, 138412032 [pid 5077] <... unlink resumed>) = 0 [pid 6429] <... write resumed>) = 4 [pid 6427] <... close resumed>) = 0 [pid 5077] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6429] close(3 [pid 6427] close(4 [ 269.789955][ T6427] loop2: detected capacity change from 0 to 4096 [pid 6429] <... close resumed>) = 0 [pid 6428] <... write resumed>) = 2097152 [pid 6427] <... close resumed>) = 0 [pid 6426] <... munmap resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6429] symlink("/dev/binderfs", "./binderfs" [pid 6427] mkdir("./file0", 0777 [pid 6429] <... symlink resumed>) = 0 [pid 6427] <... mkdir resumed>) = 0 [pid 6426] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6426] ioctl(4, LOOP_SET_FD, 3 [pid 6427] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5077] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6428] munmap(0x7f3feae00000, 138412032 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./266/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6426] <... ioctl resumed>) = 0 [pid 6426] close(3) = 0 [pid 6426] close(4) = 0 [pid 6429] memfd_create("syzkaller", 0 [pid 6428] <... munmap resumed>) = 0 [pid 5077] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6428] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./266/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6428] <... openat resumed>) = 4 [pid 5077] <... openat resumed>) = 4 [pid 6428] ioctl(4, LOOP_SET_FD, 3 [pid 6429] <... memfd_create resumed>) = 3 [pid 5077] newfstatat(4, "", [pid 6426] mkdir("./file0", 0777) = 0 [pid 6426] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6428] <... ioctl resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6428] close(3 [pid 6429] <... mmap resumed>) = 0x7f3feae00000 [pid 6428] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 6428] close(4 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6428] <... close resumed>) = 0 [pid 6428] mkdir("./file0", 0777 [pid 5077] getdents64(4, [pid 6428] <... mkdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./266/file0") = 0 [ 269.832220][ T6426] loop3: detected capacity change from 0 to 4096 [ 269.844863][ T6427] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 269.865232][ T6428] loop4: detected capacity change from 0 to 4096 [ 269.871085][ T6426] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5077] getdents64(3, [pid 6428] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./266") = 0 [pid 5077] mkdir("./267", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6427] <... mount resumed>) = 0 [pid 6427] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6427] chdir("./file0") = 0 [ 269.899120][ T6428] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6427] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6427] exit_group(0) = ? [pid 6427] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6427, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6426] <... mount resumed>) = 0 [pid 5078] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6429] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6426] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6426] <... openat resumed>) = 3 [pid 5078] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6426] chdir("./file0") = 0 [pid 5078] newfstatat(3, "", [pid 6426] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6426] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6426] exit_group(0) = ? [pid 5078] getdents64(3, [pid 6426] +++ exited with 0 +++ [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... ioctl resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6426, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5079] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(3, "", [pid 5078] newfstatat(AT_FDCWD, "./268/binderfs", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] close(3 [pid 5079] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./268/binderfs" [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./265/binderfs" [pid 5078] <... unlink resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5078] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5079] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6430 attached [pid 6430] set_robust_list(0x555556d3f660, 24) = 0 [pid 6430] chdir("./267") = 0 [pid 6430] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6430 [pid 6430] <... prctl resumed>) = 0 [pid 6430] setpgid(0, 0) = 0 [pid 6430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6430] write(3, "1000", 4) = 4 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./265/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./265/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6430] close(3 [pid 5079] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6430] <... close resumed>) = 0 [pid 5079] getdents64(4, [pid 6430] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6430] <... symlink resumed>) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./265/file0" [pid 6430] memfd_create("syzkaller", 0 [pid 6428] <... mount resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6428] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6428] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5078] newfstatat(AT_FDCWD, "./268/file0", [pid 6428] chdir("./file0" [pid 6430] <... memfd_create resumed>) = 3 [pid 6428] <... chdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6428] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6429] <... write resumed>) = 2097152 [pid 6428] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6430] <... mmap resumed>) = 0x7f3feae00000 [pid 6428] exit_group(0 [pid 5078] openat(AT_FDCWD, "./268/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6429] munmap(0x7f3feae00000, 138412032 [pid 6428] <... exit_group resumed>) = ? [pid 5079] <... close resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5079] rmdir("./265" [pid 5078] newfstatat(4, "", [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./266", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6429] <... munmap resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6428] +++ exited with 0 +++ [pid 5078] getdents64(4, [pid 6429] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6428, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 6429] <... openat resumed>) = 4 [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6429] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... restart_syscall resumed>) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./268/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./268") = 0 [pid 5078] mkdir("./269", 0777) = 0 [pid 6429] <... ioctl resumed>) = 0 [pid 5080] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... ioctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6430] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6429] close(3 [pid 5080] <... openat resumed>) = 3 [pid 5079] close(3 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6429] <... close resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 5079] <... close resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 6429] close(4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6429] <... close resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6429] mkdir("./file0", 0777 [pid 5080] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6429] <... mkdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6429] mount("/dev/loop0", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 6431 attached [pid 5080] newfstatat(AT_FDCWD, "./264/binderfs", [pid 6431] set_robust_list(0x555556d3f660, 24 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 270.103225][ T6429] loop0: detected capacity change from 0 to 4096 [pid 6431] <... set_robust_list resumed>) = 0 [pid 5080] unlink("./264/binderfs" [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6431 [pid 5080] <... unlink resumed>) = 0 [pid 6431] chdir("./266" [pid 5080] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6431] <... chdir resumed>) = 0 [pid 6431] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... umount2 resumed>) = 0 [pid 6431] <... prctl resumed>) = 0 [pid 6431] setpgid(0, 0 [pid 5080] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6431] <... setpgid resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] newfstatat(AT_FDCWD, "./264/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6431] <... openat resumed>) = 3 [pid 5080] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./264/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6431] write(3, "1000", 4 [pid 5080] <... openat resumed>) = 4 [pid 6431] <... write resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 6431] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6431] <... close resumed>) = 0 [pid 5080] getdents64(4, [ 270.155569][ T6429] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6431] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6431] memfd_create("syzkaller", 0) = 3 [pid 6430] <... write resumed>) = 2097152 [pid 5080] getdents64(4, [pid 6431] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6430] munmap(0x7f3feae00000, 138412032 [pid 6431] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] close(4 [pid 6430] <... munmap resumed>) = 0 [pid 6430] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... close resumed>) = 0 [pid 6430] <... openat resumed>) = 4 [pid 6430] ioctl(4, LOOP_SET_FD, 3 [pid 5080] rmdir("./264/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5080] rmdir("./264") = 0 [pid 5078] close(3 [pid 5080] mkdir("./265", 0777 [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6430] <... ioctl resumed>) = 0 [pid 6429] <... mount resumed>) = 0 [pid 5080] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6432 attached [pid 6430] close(3 [pid 6429] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6432] set_robust_list(0x555556d3f660, 24 [pid 6430] <... close resumed>) = 0 [pid 6429] <... openat resumed>) = 3 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6432 [pid 6432] <... set_robust_list resumed>) = 0 [pid 6430] close(4 [pid 6429] chdir("./file0" [pid 6430] <... close resumed>) = 0 [pid 6429] <... chdir resumed>) = 0 [pid 6430] mkdir("./file0", 0777 [pid 6429] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6430] <... mkdir resumed>) = 0 [pid 6429] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6429] exit_group(0) = ? [pid 6432] chdir("./269" [pid 6429] +++ exited with 0 +++ [pid 6432] <... chdir resumed>) = 0 [pid 6430] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6429, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 6432] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 6432] <... prctl resumed>) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [ 270.242938][ T6430] loop1: detected capacity change from 0 to 4096 [pid 6432] setpgid(0, 0) = 0 [pid 6431] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] umount2("./264", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./264/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./264/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./264/binderfs") = 0 [pid 5076] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6432] <... openat resumed>) = 3 [pid 6432] write(3, "1000", 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./264/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./264/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./264/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6432] <... write resumed>) = 4 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 6432] close(3 [pid 5076] <... close resumed>) = 0 [pid 6432] <... close resumed>) = 0 [pid 6432] symlink("/dev/binderfs", "./binderfs" [pid 5076] rmdir("./264/file0" [pid 6432] <... symlink resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6432] memfd_create("syzkaller", 0 [pid 5076] close(3 [pid 6432] <... memfd_create resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./264") = 0 [pid 5076] mkdir("./265", 0777) = 0 [pid 6432] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [ 270.290830][ T6430] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5080] <... ioctl resumed>) = 0 [pid 6431] <... write resumed>) = 2097152 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6431] munmap(0x7f3feae00000, 138412032 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6433 ./strace-static-x86_64: Process 6433 attached [pid 6433] set_robust_list(0x555556d3f660, 24 [pid 6431] <... munmap resumed>) = 0 [pid 6430] <... mount resumed>) = 0 [pid 6433] <... set_robust_list resumed>) = 0 [pid 6433] chdir("./265") = 0 [pid 6431] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6433] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6433] setpgid(0, 0 [pid 6432] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6431] <... openat resumed>) = 4 [pid 6433] <... setpgid resumed>) = 0 [pid 6430] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6431] ioctl(4, LOOP_SET_FD, 3 [pid 6430] chdir("./file0") = 0 [pid 6430] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6431] <... ioctl resumed>) = 0 [pid 6430] exit_group(0 [pid 6433] <... openat resumed>) = 3 [pid 6430] <... exit_group resumed>) = ? [pid 6433] write(3, "1000", 4 [pid 6430] +++ exited with 0 +++ [pid 6433] <... write resumed>) = 4 [pid 6433] close(3 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6430, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6433] <... close resumed>) = 0 [pid 6431] close(3 [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 6431] <... close resumed>) = 0 [pid 5077] <... restart_syscall resumed>) = 0 [pid 6431] close(4) = 0 [pid 5077] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6433] symlink("/dev/binderfs", "./binderfs" [pid 6431] mkdir("./file0", 0777 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... ioctl resumed>) = 0 [pid 6433] <... symlink resumed>) = 0 [pid 6431] <... mkdir resumed>) = 0 [ 270.439901][ T6431] loop3: detected capacity change from 0 to 4096 [pid 5077] newfstatat(AT_FDCWD, "./267/binderfs", [pid 6431] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5076] close(3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./267/binderfs" [pid 5076] <... close resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6433] memfd_create("syzkaller", 0 [pid 5077] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6433] <... memfd_create resumed>) = 3 [pid 6433] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6434 attached ) = 0x7f3feae00000 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6434 [pid 6434] set_robust_list(0x555556d3f660, 24) = 0 [pid 6434] chdir("./265") = 0 [pid 6434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6434] setpgid(0, 0 [pid 6432] <... write resumed>) = 2097152 [pid 5077] <... umount2 resumed>) = 0 [pid 6434] <... setpgid resumed>) = 0 [pid 6434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5077] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6434] write(3, "1000", 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6434] <... write resumed>) = 4 [ 270.486280][ T6431] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5077] newfstatat(AT_FDCWD, "./267/file0", [pid 6434] close(3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6434] <... close resumed>) = 0 [pid 5077] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6434] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6434] <... symlink resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./267/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", [pid 6434] memfd_create("syzkaller", 0 [pid 6432] munmap(0x7f3feae00000, 138412032 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./267/file0") = 0 [pid 6434] <... memfd_create resumed>) = 3 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 6434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] rmdir("./267" [pid 6434] <... mmap resumed>) = 0x7f3feae00000 [pid 6432] <... munmap resumed>) = 0 [pid 6431] <... mount resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6432] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6431] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6432] <... openat resumed>) = 4 [pid 5077] mkdir("./268", 0777 [pid 6432] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6432] <... ioctl resumed>) = 0 [pid 6432] close(3) = 0 [pid 6432] close(4) = 0 [pid 6431] <... openat resumed>) = 3 [pid 6432] mkdir("./file0", 0777 [pid 6431] chdir("./file0" [pid 6433] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6432] <... mkdir resumed>) = 0 [pid 6431] <... chdir resumed>) = 0 [pid 6431] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6432] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6431] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6431] exit_group(0) = ? [pid 6431] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6431, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5079] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 6433] <... write resumed>) = 2097152 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 270.571325][ T6432] loop2: detected capacity change from 0 to 4096 [ 270.604216][ T6432] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5079] newfstatat(AT_FDCWD, "./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6433] munmap(0x7f3feae00000, 138412032 [pid 5079] unlink("./266/binderfs") = 0 [pid 5079] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6434] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6433] <... munmap resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6435 ./strace-static-x86_64: Process 6435 attached [pid 6435] set_robust_list(0x555556d3f660, 24) = 0 [pid 6435] chdir("./268") = 0 [pid 6435] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6435] setpgid(0, 0) = 0 [pid 6435] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6433] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6435] <... openat resumed>) = 3 [pid 6433] ioctl(4, LOOP_SET_FD, 3 [pid 6435] write(3, "1000", 4) = 4 [pid 6435] close(3 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6432] <... mount resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./266/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6432] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6435] <... close resumed>) = 0 [pid 6432] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "./266/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6435] symlink("/dev/binderfs", "./binderfs" [pid 6432] chdir("./file0" [pid 5079] <... openat resumed>) = 4 [pid 6435] <... symlink resumed>) = 0 [pid 6432] <... chdir resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 6432] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6435] memfd_create("syzkaller", 0 [pid 6433] <... ioctl resumed>) = 0 [pid 6432] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] getdents64(4, [pid 6433] close(3 [pid 6432] exit_group(0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6433] <... close resumed>) = 0 [pid 6432] <... exit_group resumed>) = ? [pid 5079] getdents64(4, [pid 6433] close(4 [pid 6432] +++ exited with 0 +++ [pid 6433] <... close resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6432, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 6435] <... memfd_create resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6433] mkdir("./file0", 0777 [pid 5079] close(4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6435] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] <... close resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 270.696418][ T6433] loop4: detected capacity change from 0 to 4096 [pid 5079] rmdir("./266/file0" [pid 6433] <... mkdir resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 6433] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] newfstatat(3, "", [pid 5079] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(3, [pid 5079] close(3) = 0 [pid 5079] rmdir("./266") = 0 [pid 5079] mkdir("./267", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... openat resumed>) = 3 [pid 5078] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./269/binderfs", [pid 6434] <... write resumed>) = 2097152 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./269/binderfs") = 0 [pid 6434] munmap(0x7f3feae00000, 138412032 [pid 5078] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6434] <... munmap resumed>) = 0 [pid 6434] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] <... umount2 resumed>) = 0 [pid 6434] <... openat resumed>) = 4 [pid 5078] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6434] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./269/file0", [pid 6434] <... ioctl resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6434] close(3 [pid 5078] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6434] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6434] close(4 [pid 5078] openat(AT_FDCWD, "./269/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6434] <... close resumed>) = 0 [pid 6434] mkdir("./file0", 0777 [pid 5078] <... openat resumed>) = 4 [pid 6434] <... mkdir resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 6434] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 270.758448][ T6433] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 270.789002][ T6434] loop0: detected capacity change from 0 to 4096 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./269/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./269") = 0 [pid 5078] mkdir("./270", 0777) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] <... ioctl resumed>) = 0 [ 270.807775][ T6434] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] close(3 [pid 6435] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6433] <... mount resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6433] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6433] <... openat resumed>) = 3 [pid 6433] chdir("./file0") = 0 [pid 6433] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6433] exit_group(0) = ? [pid 6433] +++ exited with 0 +++ [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6436 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6433, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 ./strace-static-x86_64: Process 6436 attached [pid 6436] set_robust_list(0x555556d3f660, 24) = 0 [pid 6434] <... mount resumed>) = 0 [pid 5080] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6436] chdir("./267" [pid 6434] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... ioctl resumed>) = 0 [pid 6434] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6436] <... chdir resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 6436] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6436] <... prctl resumed>) = 0 [pid 5080] getdents64(3, [pid 6436] setpgid(0, 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6436] <... setpgid resumed>) = 0 [pid 6434] chdir("./file0" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6434] <... chdir resumed>) = 0 [pid 5078] close(3 [pid 6434] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./265/binderfs") = 0 [pid 6436] <... openat resumed>) = 3 [pid 5080] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6434] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... umount2 resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6436] write(3, "1000", 4) = 4 [pid 6436] close(3) = 0 [pid 6436] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6434] exit_group(0 [pid 5080] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6434] <... exit_group resumed>) = ? [pid 6436] memfd_create("syzkaller", 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./265/file0", [pid 6434] +++ exited with 0 +++ [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6437 attached [pid 5080] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6437 [pid 6437] set_robust_list(0x555556d3f660, 24 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./265/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6434, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6437] <... set_robust_list resumed>) = 0 [pid 6436] <... memfd_create resumed>) = 3 [pid 5080] <... openat resumed>) = 4 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 6437] chdir("./270" [pid 6436] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] newfstatat(4, "", [pid 5076] <... restart_syscall resumed>) = 0 [pid 6436] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6437] <... chdir resumed>) = 0 [pid 5080] getdents64(4, [pid 6437] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] umount2("./265", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6437] <... prctl resumed>) = 0 [pid 5080] getdents64(4, [pid 6435] <... write resumed>) = 2097152 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] close(4 [pid 6437] setpgid(0, 0 [pid 5076] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6435] munmap(0x7f3feae00000, 138412032 [pid 5080] <... close resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6437] <... setpgid resumed>) = 0 [pid 5080] rmdir("./265/file0" [pid 5076] newfstatat(3, "", [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] getdents64(3, [pid 5076] getdents64(3, [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] close(3 [pid 5076] umount2("./265/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6437] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] rmdir("./265" [pid 5076] newfstatat(AT_FDCWD, "./265/binderfs", [pid 6437] write(3, "1000", 4 [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./265/binderfs") = 0 [pid 6437] <... write resumed>) = 4 [pid 5080] mkdir("./266", 0777 [pid 5076] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6437] close(3 [pid 5080] <... mkdir resumed>) = 0 [pid 6437] <... close resumed>) = 0 [pid 6435] <... munmap resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 6437] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6437] memfd_create("syzkaller", 0 [pid 6436] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6435] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6437] <... memfd_create resumed>) = 3 [pid 6435] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] newfstatat(AT_FDCWD, "./265/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6437] <... mmap resumed>) = 0x7f3feae00000 [pid 6435] ioctl(4, LOOP_SET_FD, 3 [pid 6436] <... write resumed>) = 2097152 [pid 5076] umount2("./265/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./265/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./265/file0") = 0 [pid 6436] munmap(0x7f3feae00000, 138412032 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./265") = 0 [pid 6435] <... ioctl resumed>) = 0 [pid 6435] close(3) = 0 [pid 6436] <... munmap resumed>) = 0 [pid 5076] mkdir("./266", 0777 [pid 6435] close(4 [pid 6436] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6436] ioctl(4, LOOP_SET_FD, 3 [pid 6435] <... close resumed>) = 0 [pid 6435] mkdir("./file0", 0777 [pid 5076] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6435] <... mkdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6435] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6436] <... ioctl resumed>) = 0 [pid 6436] close(3) = 0 [ 271.034808][ T6435] loop1: detected capacity change from 0 to 4096 [ 271.057234][ T6436] loop3: detected capacity change from 0 to 4096 [ 271.075865][ T6435] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6436] close(4) = 0 [pid 6436] mkdir("./file0", 0777) = 0 [pid 6436] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6438 attached [pid 6437] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6438 [pid 5076] <... ioctl resumed>) = 0 [pid 6438] set_robust_list(0x555556d3f660, 24) = 0 [pid 5076] close(3 [pid 6438] chdir("./266" [pid 5076] <... close resumed>) = 0 [pid 6438] <... chdir resumed>) = 0 [pid 6438] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6438] <... prctl resumed>) = 0 [pid 6438] setpgid(0, 0./strace-static-x86_64: Process 6439 attached ) = 0 [pid 6439] set_robust_list(0x555556d3f660, 24 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6439 [pid 6439] <... set_robust_list resumed>) = 0 [pid 6439] chdir("./266") = 0 [ 271.094563][ T6436] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6439] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6438] <... openat resumed>) = 3 [pid 6439] <... prctl resumed>) = 0 [pid 6438] write(3, "1000", 4 [pid 6439] setpgid(0, 0 [pid 6438] <... write resumed>) = 4 [pid 6438] close(3) = 0 [pid 6438] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6438] memfd_create("syzkaller", 0) = 3 [pid 6438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6439] <... setpgid resumed>) = 0 [pid 6439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6439] write(3, "1000", 4) = 4 [pid 6439] close(3) = 0 [pid 6439] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6439] memfd_create("syzkaller", 0) = 3 [pid 6439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6435] <... mount resumed>) = 0 [pid 6437] <... write resumed>) = 2097152 [pid 6436] <... mount resumed>) = 0 [pid 6435] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6436] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6435] chdir("./file0" [pid 6436] <... openat resumed>) = 3 [pid 6435] <... chdir resumed>) = 0 [pid 6436] chdir("./file0" [pid 6435] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6436] <... chdir resumed>) = 0 [pid 6435] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6436] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6435] exit_group(0) = ? [pid 6436] exit_group(0) = ? [pid 6437] munmap(0x7f3feae00000, 138412032 [pid 6436] +++ exited with 0 +++ [pid 6435] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6436, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6435, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=10 /* 0.10 s */} --- [pid 5079] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6437] <... munmap resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", [pid 5077] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5079] getdents64(3, [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./268/binderfs" [pid 6437] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... unlink resumed>) = 0 [pid 6437] <... openat resumed>) = 4 [pid 5079] newfstatat(AT_FDCWD, "./267/binderfs", [pid 5077] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6437] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./267/binderfs") = 0 [pid 5079] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6437] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6438] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6437] close(3 [pid 5079] <... umount2 resumed>) = 0 [pid 6437] <... close resumed>) = 0 [pid 5079] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6439] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6437] close(4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./268/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6437] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./267/file0", [pid 5077] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6437] mkdir("./file0", 0777 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6437] <... mkdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] openat(AT_FDCWD, "./268/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(4, "", [pid 5079] openat(AT_FDCWD, "./267/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5077] getdents64(4, [pid 5079] newfstatat(4, "", [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [ 271.280994][ T6437] loop2: detected capacity change from 0 to 4096 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(4, [pid 5077] close(4 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... close resumed>) = 0 [pid 5079] close(4 [pid 5077] rmdir("./268/file0" [pid 6437] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5079] rmdir("./267/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5079] close(3 [pid 5077] rmdir("./268" [pid 5079] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5079] rmdir("./267" [pid 5077] mkdir("./269", 0777 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] mkdir("./268", 0777 [pid 5077] <... openat resumed>) = 3 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6439] <... write resumed>) = 2097152 [pid 6439] munmap(0x7f3feae00000, 138412032 [pid 6438] <... write resumed>) = 2097152 [ 271.335241][ T6437] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6438] munmap(0x7f3feae00000, 138412032 [pid 6439] <... munmap resumed>) = 0 [pid 6438] <... munmap resumed>) = 0 [pid 6437] <... mount resumed>) = 0 [pid 6439] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6438] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6439] <... openat resumed>) = 4 [pid 6437] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6438] <... openat resumed>) = 4 [pid 6437] <... openat resumed>) = 3 [pid 6439] ioctl(4, LOOP_SET_FD, 3 [pid 6438] ioctl(4, LOOP_SET_FD, 3 [pid 6437] chdir("./file0") = 0 [pid 6437] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6439] <... ioctl resumed>) = 0 [pid 6437] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6439] close(3 [pid 6437] exit_group(0 [pid 6439] <... close resumed>) = 0 [pid 6439] close(4) = 0 [pid 6437] <... exit_group resumed>) = ? [pid 6439] mkdir("./file0", 0777 [pid 6437] +++ exited with 0 +++ [pid 6439] <... mkdir resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6437, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5078] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... ioctl resumed>) = 0 [pid 6439] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6438] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6438] close(3 [pid 5078] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6438] <... close resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] close(3 [pid 6438] close(4 [pid 5078] newfstatat(3, "", [pid 5077] <... close resumed>) = 0 [ 271.423683][ T6439] loop0: detected capacity change from 0 to 4096 [ 271.425157][ T6438] loop4: detected capacity change from 0 to 4096 [pid 6438] <... close resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6440 ./strace-static-x86_64: Process 6440 attached [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6438] mkdir("./file0", 0777 [pid 6440] set_robust_list(0x555556d3f660, 24 [pid 5079] close(3 [pid 5078] getdents64(3, [pid 6440] <... set_robust_list resumed>) = 0 [pid 6440] chdir("./269" [pid 6438] <... mkdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6438] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6440] <... chdir resumed>) = 0 [pid 5078] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6440] setpgid(0, 0) = 0 [pid 6440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 6441 attached ) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6441 [pid 6441] set_robust_list(0x555556d3f660, 24) = 0 [pid 6440] write(3, "1000", 4 [pid 6441] chdir("./268" [pid 6440] <... write resumed>) = 4 [pid 5078] newfstatat(AT_FDCWD, "./270/binderfs", [pid 6441] <... chdir resumed>) = 0 [pid 6441] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6440] close(3 [pid 6441] <... prctl resumed>) = 0 [pid 6440] <... close resumed>) = 0 [pid 6441] setpgid(0, 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6441] <... setpgid resumed>) = 0 [pid 6440] symlink("/dev/binderfs", "./binderfs" [pid 5078] unlink("./270/binderfs" [pid 6440] <... symlink resumed>) = 0 [pid 6441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... unlink resumed>) = 0 [pid 6441] <... openat resumed>) = 3 [pid 6440] memfd_create("syzkaller", 0 [pid 5078] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6441] write(3, "1000", 4) = 4 [pid 6441] close(3 [pid 6440] <... memfd_create resumed>) = 3 [pid 6440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6441] <... close resumed>) = 0 [pid 6440] <... mmap resumed>) = 0x7f3feae00000 [pid 6441] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... umount2 resumed>) = 0 [pid 6441] <... symlink resumed>) = 0 [pid 5078] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./270/file0", [pid 6441] memfd_create("syzkaller", 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6441] <... memfd_create resumed>) = 3 [pid 6441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 271.473495][ T6439] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 271.499773][ T6438] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5078] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6441] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./270/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./270/file0") = 0 [pid 6438] <... mount resumed>) = 0 [pid 6440] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] getdents64(3, [pid 6438] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 6438] <... openat resumed>) = 3 [pid 6438] chdir("./file0" [pid 5078] <... close resumed>) = 0 [pid 6438] <... chdir resumed>) = 0 [pid 6438] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] rmdir("./270") = 0 [pid 6438] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6438] exit_group(0 [pid 5078] mkdir("./271", 0777 [pid 6438] <... exit_group resumed>) = ? [pid 5078] <... mkdir resumed>) = 0 [pid 6438] +++ exited with 0 +++ [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6438, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 6439] <... mount resumed>) = 0 [pid 6439] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6439] chdir("./file0") = 0 [pid 6439] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6440] <... write resumed>) = 2097152 [pid 6439] exit_group(0 [pid 6440] munmap(0x7f3feae00000, 138412032 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6439] <... exit_group resumed>) = ? [pid 5080] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6440] <... munmap resumed>) = 0 [pid 5080] unlink("./266/binderfs") = 0 [pid 5080] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6440] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6439] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6439, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6441] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6440] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... umount2 resumed>) = 0 [pid 5076] umount2("./266", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6440] <... ioctl resumed>) = 0 [pid 5080] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6441] <... write resumed>) = 2097152 [pid 5080] newfstatat(AT_FDCWD, "./266/file0", [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6440] close(3 [pid 5076] getdents64(3, [pid 6441] munmap(0x7f3feae00000, 138412032 [pid 5080] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... ioctl resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6440] <... close resumed>) = 0 [pid 5076] umount2("./266/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6440] close(4 [pid 6441] <... munmap resumed>) = 0 [pid 6440] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./266/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./266/binderfs", [pid 6440] mkdir("./file0", 0777) = 0 [pid 6440] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6441] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... openat resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] newfstatat(4, "", [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] unlink("./266/binderfs") = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 6441] <... openat resumed>) = 4 [ 271.692052][ T6440] loop1: detected capacity change from 0 to 4096 [ 271.729693][ T6440] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6441] ioctl(4, LOOP_SET_FD, 3 [pid 5080] getdents64(4, [pid 5076] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6442 attached [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6442 [pid 5080] close(4) = 0 [pid 5080] rmdir("./266/file0") = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6442] set_robust_list(0x555556d3f660, 24 [pid 5080] close(3 [pid 6442] <... set_robust_list resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 6442] chdir("./271" [pid 5080] rmdir("./266" [pid 6442] <... chdir resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5076] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6442] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6441] <... ioctl resumed>) = 0 [pid 6440] <... mount resumed>) = 0 [pid 5080] mkdir("./267", 0777 [pid 5076] newfstatat(AT_FDCWD, "./266/file0", [pid 6442] <... prctl resumed>) = 0 [pid 6441] close(3 [pid 6442] setpgid(0, 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6442] <... setpgid resumed>) = 0 [pid 6441] <... close resumed>) = 0 [pid 6440] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] umount2("./266/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6441] close(4 [pid 6440] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6441] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./266/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6442] <... openat resumed>) = 3 [pid 6441] mkdir("./file0", 0777 [pid 6440] chdir("./file0" [pid 5080] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 6441] <... mkdir resumed>) = 0 [pid 6440] <... chdir resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6442] write(3, "1000", 4 [pid 6441] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6440] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6442] <... write resumed>) = 4 [pid 6440] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] getdents64(4, [pid 6440] exit_group(0 [pid 6442] close(3 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6442] <... close resumed>) = 0 [pid 6440] <... exit_group resumed>) = ? [ 271.747208][ T6441] loop3: detected capacity change from 0 to 4096 [pid 6442] symlink("/dev/binderfs", "./binderfs" [pid 6440] +++ exited with 0 +++ [pid 5076] getdents64(4, [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6440, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 6442] <... symlink resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./266/file0" [pid 6442] memfd_create("syzkaller", 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6442] <... memfd_create resumed>) = 3 [pid 5077] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 6442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(3 [pid 5077] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6442] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./266" [pid 5077] newfstatat(3, "", [pid 5076] <... rmdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] mkdir("./267", 0777 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... mkdir resumed>) = 0 [pid 5077] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./269/binderfs", [pid 5076] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] unlink("./269/binderfs") = 0 [ 271.807767][ T6441] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5077] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5077] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./269/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6442] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] openat(AT_FDCWD, "./269/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./269/file0") = 0 [pid 5077] getdents64(3, [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5080] close(3 [pid 5077] rmdir("./269" [pid 5076] <... ioctl resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6443 attached [pid 6443] set_robust_list(0x555556d3f660, 24) = 0 [pid 6443] chdir("./267") = 0 [pid 6443] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6443] setpgid(0, 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6443 [pid 5077] <... rmdir resumed>) = 0 [pid 6443] <... setpgid resumed>) = 0 [pid 6443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6443] write(3, "1000", 4) = 4 [pid 6443] close(3) = 0 [pid 6443] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6442] <... write resumed>) = 2097152 [pid 6441] <... mount resumed>) = 0 [pid 5077] mkdir("./270", 0777 [pid 5076] close(3 [pid 6441] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6442] munmap(0x7f3feae00000, 138412032 [pid 6441] <... openat resumed>) = 3 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6443] memfd_create("syzkaller", 0 [pid 6441] chdir("./file0" [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6441] <... chdir resumed>) = 0 [pid 6441] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6443] <... memfd_create resumed>) = 3 [pid 6443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6441] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6444 attached [pid 6443] <... mmap resumed>) = 0x7f3feae00000 [pid 6442] <... munmap resumed>) = 0 [pid 6441] exit_group(0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6444 [pid 6444] set_robust_list(0x555556d3f660, 24 [pid 6441] <... exit_group resumed>) = ? [pid 6441] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6441, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 6444] <... set_robust_list resumed>) = 0 [pid 6442] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6444] chdir("./267") = 0 [pid 6442] <... openat resumed>) = 4 [pid 6444] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6442] ioctl(4, LOOP_SET_FD, 3 [pid 5079] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6444] <... prctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6444] setpgid(0, 0 [pid 5079] unlink("./268/binderfs" [pid 6444] <... setpgid resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6444] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6442] <... ioctl resumed>) = 0 [pid 6444] <... openat resumed>) = 3 [pid 6442] close(3 [pid 6444] write(3, "1000", 4 [pid 6442] <... close resumed>) = 0 [pid 6444] <... write resumed>) = 4 [pid 5079] <... umount2 resumed>) = 0 [pid 6444] close(3 [pid 6442] close(4 [pid 5079] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6444] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6444] symlink("/dev/binderfs", "./binderfs" [pid 5079] newfstatat(AT_FDCWD, "./268/file0", [pid 6444] <... symlink resumed>) = 0 [pid 6443] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6442] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6442] mkdir("./file0", 0777) = 0 [pid 5079] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 271.994475][ T6442] loop2: detected capacity change from 0 to 4096 [pid 6442] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6444] memfd_create("syzkaller", 0 [pid 5079] openat(AT_FDCWD, "./268/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6444] <... memfd_create resumed>) = 3 [pid 5079] <... openat resumed>) = 4 [pid 6444] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6444] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] getdents64(4, [pid 5077] <... ioctl resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] close(3 [pid 5079] getdents64(4, [pid 5077] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] close(4) = 0 [pid 5079] rmdir("./268/file0"./strace-static-x86_64: Process 6445 attached ) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6445 [pid 6445] set_robust_list(0x555556d3f660, 24 [ 272.043193][ T6442] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5079] getdents64(3, [pid 6445] <... set_robust_list resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3 [pid 6445] chdir("./270") = 0 [pid 5079] <... close resumed>) = 0 [pid 6445] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] rmdir("./268" [pid 6445] <... prctl resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6445] setpgid(0, 0 [pid 5079] mkdir("./269", 0777 [pid 6445] <... setpgid resumed>) = 0 [pid 6445] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6442] <... mount resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 6445] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6442] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... openat resumed>) = 3 [pid 6445] write(3, "1000", 4 [pid 6442] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6442] chdir("./file0" [pid 6445] <... write resumed>) = 4 [pid 6442] <... chdir resumed>) = 0 [pid 6442] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6442] exit_group(0 [pid 6443] <... write resumed>) = 2097152 [pid 6445] close(3 [pid 6443] munmap(0x7f3feae00000, 138412032 [pid 6445] <... close resumed>) = 0 [pid 6442] <... exit_group resumed>) = ? [pid 6445] symlink("/dev/binderfs", "./binderfs" [pid 6443] <... munmap resumed>) = 0 [pid 6442] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6442, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6445] <... symlink resumed>) = 0 [pid 5078] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6445] memfd_create("syzkaller", 0 [pid 5078] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6443] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] newfstatat(3, "", [pid 6445] <... memfd_create resumed>) = 3 [pid 6443] <... openat resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6445] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6443] ioctl(4, LOOP_SET_FD, 3 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./271/binderfs") = 0 [pid 5078] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6445] <... mmap resumed>) = 0x7f3feae00000 [pid 6443] <... ioctl resumed>) = 0 [pid 6443] close(3 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6444] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6443] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./271/file0", [pid 6443] close(4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6443] <... close resumed>) = 0 [pid 5078] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./271/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6443] mkdir("./file0", 0777 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, [pid 6443] <... mkdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./271/file0" [ 272.146048][ T6443] loop4: detected capacity change from 0 to 4096 [pid 6443] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./271") = 0 [pid 5078] mkdir("./272", 0777) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] <... ioctl resumed>) = 0 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6446 attached , child_tidptr=0x555556d3f650) = 6446 [pid 6446] set_robust_list(0x555556d3f660, 24 [pid 6444] <... write resumed>) = 2097152 [pid 6446] <... set_robust_list resumed>) = 0 [pid 6444] munmap(0x7f3feae00000, 138412032 [pid 6446] chdir("./269") = 0 [pid 6446] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6446] setpgid(0, 0) = 0 [pid 6446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6444] <... munmap resumed>) = 0 [pid 6446] write(3, "1000", 4 [ 272.193812][ T6443] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6444] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6446] <... write resumed>) = 4 [pid 6445] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6444] <... openat resumed>) = 4 [pid 6446] close(3) = 0 [pid 6446] symlink("/dev/binderfs", "./binderfs" [pid 6444] ioctl(4, LOOP_SET_FD, 3 [pid 6446] <... symlink resumed>) = 0 [pid 6446] memfd_create("syzkaller", 0 [pid 6443] <... mount resumed>) = 0 [pid 6446] <... memfd_create resumed>) = 3 [pid 6443] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6446] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6443] <... openat resumed>) = 3 [pid 6446] <... mmap resumed>) = 0x7f3feae00000 [pid 6443] chdir("./file0" [pid 5078] <... ioctl resumed>) = 0 [pid 6443] <... chdir resumed>) = 0 [pid 5078] close(3 [pid 6443] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... close resumed>) = 0 [pid 6444] <... ioctl resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6444] close(3) = 0 [pid 6444] close(4) = 0 [pid 6444] mkdir("./file0", 0777./strace-static-x86_64: Process 6447 attached [pid 6447] set_robust_list(0x555556d3f660, 24) = 0 [pid 6447] chdir("./272" [pid 6444] <... mkdir resumed>) = 0 [pid 6447] <... chdir resumed>) = 0 [pid 6447] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6447] setpgid(0, 0 [pid 6443] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 272.242672][ T6444] loop0: detected capacity change from 0 to 4096 [pid 6444] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6447 [pid 6447] <... setpgid resumed>) = 0 [pid 6447] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6447] write(3, "1000", 4) = 4 [pid 6447] close(3) = 0 [pid 6447] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6445] <... write resumed>) = 2097152 [pid 6443] exit_group(0) = ? [pid 6443] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6443, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6447] memfd_create("syzkaller", 0 [pid 5080] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6447] <... memfd_create resumed>) = 3 [pid 6446] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6445] munmap(0x7f3feae00000, 138412032 [pid 6447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 272.294484][ T6444] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5080] newfstatat(AT_FDCWD, "./267/binderfs", [pid 6447] <... mmap resumed>) = 0x7f3feae00000 [pid 6445] <... munmap resumed>) = 0 [pid 6444] <... mount resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./267/binderfs" [pid 6444] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6445] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... unlink resumed>) = 0 [pid 6445] <... openat resumed>) = 4 [pid 6445] ioctl(4, LOOP_SET_FD, 3 [pid 6444] chdir("./file0" [pid 5080] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6444] <... chdir resumed>) = 0 [pid 6444] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6444] exit_group(0 [pid 5080] <... umount2 resumed>) = 0 [pid 6444] <... exit_group resumed>) = ? [pid 5080] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./267/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6445] <... ioctl resumed>) = 0 [pid 6445] close(3) = 0 [pid 6445] close(4) = 0 [pid 6445] mkdir("./file0", 0777 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6445] <... mkdir resumed>) = 0 [pid 6444] +++ exited with 0 +++ [pid 5080] openat(AT_FDCWD, "./267/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6444, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 6445] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./267", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(4, [pid 5076] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] newfstatat(3, "", [pid 5080] getdents64(4, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [ 272.360664][ T6445] loop1: detected capacity change from 0 to 4096 [pid 5080] close(4 [pid 5076] getdents64(3, [pid 6446] <... write resumed>) = 2097152 [pid 5080] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] rmdir("./267/file0" [pid 5076] umount2("./267/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6446] munmap(0x7f3feae00000, 138412032 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6446] <... munmap resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./267/binderfs" [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5080] getdents64(3, [pid 6446] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6447] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6446] <... openat resumed>) = 4 [ 272.403402][ T6445] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6446] ioctl(4, LOOP_SET_FD, 3 [pid 5080] close(3) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5080] rmdir("./267" [pid 5076] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./267/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] mkdir("./268", 0777 [pid 5076] umount2("./267/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./267/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] <... mkdir resumed>) = 0 [pid 5076] getdents64(4, [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5076] close(4) = 0 [pid 5076] rmdir("./267/file0" [pid 6445] <... mount resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... rmdir resumed>) = 0 [pid 6445] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6446] <... ioctl resumed>) = 0 [pid 6445] <... openat resumed>) = 3 [pid 5076] getdents64(3, [pid 6445] chdir("./file0" [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6445] <... chdir resumed>) = 0 [pid 6445] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] close(3 [pid 6446] close(3 [pid 6445] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6446] <... close resumed>) = 0 [pid 6445] exit_group(0 [pid 5076] <... close resumed>) = 0 [pid 6445] <... exit_group resumed>) = ? [pid 5076] rmdir("./267" [pid 6446] close(4) = 0 [pid 6447] <... write resumed>) = 2097152 [pid 5076] <... rmdir resumed>) = 0 [pid 6445] +++ exited with 0 +++ [pid 6447] munmap(0x7f3feae00000, 138412032 [pid 5076] mkdir("./268", 0777 [pid 6446] mkdir("./file0", 0777 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6445, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=9 /* 0.09 s */} --- [pid 6446] <... mkdir resumed>) = 0 [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5076] <... mkdir resumed>) = 0 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5077] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... openat resumed>) = 3 [pid 6446] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5077] newfstatat(3, "", [pid 5076] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 272.448888][ T6446] loop3: detected capacity change from 0 to 4096 [pid 5077] getdents64(3, [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6447] <... munmap resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6447] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] newfstatat(AT_FDCWD, "./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6447] <... openat resumed>) = 4 [pid 5077] unlink("./270/binderfs" [pid 6447] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... unlink resumed>) = 0 [pid 5077] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6447] <... ioctl resumed>) = 0 [pid 6447] close(3 [pid 5077] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6447] <... close resumed>) = 0 [pid 6447] close(4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6447] <... close resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./270/file0", [pid 6447] mkdir("./file0", 0777 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6447] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./270/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./270/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./270") = 0 [ 272.501589][ T6446] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 272.517594][ T6447] loop2: detected capacity change from 0 to 4096 [pid 5077] mkdir("./271", 0777 [pid 6447] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5077] <... mkdir resumed>) = 0 [pid 6446] <... mount resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6446] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... ioctl resumed>) = 0 [pid 6446] <... openat resumed>) = 3 [pid 5080] close(3 [pid 5076] close(3 [pid 6446] chdir("./file0" [pid 5080] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6446] <... chdir resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6446] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 6448 attached ) = -1 EBUSY (Device or resource busy) [pid 6448] set_robust_list(0x555556d3f660, 24 [pid 6446] exit_group(0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6448 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6449 [pid 6448] <... set_robust_list resumed>) = 0 [pid 6446] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 6449 attached [pid 6448] chdir("./268" [pid 6446] +++ exited with 0 +++ [pid 6449] set_robust_list(0x555556d3f660, 24 [pid 6448] <... chdir resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6446, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6449] <... set_robust_list resumed>) = 0 [pid 6448] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6449] chdir("./268" [pid 6448] <... prctl resumed>) = 0 [pid 6449] <... chdir resumed>) = 0 [pid 5079] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6449] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6448] setpgid(0, 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6448] <... setpgid resumed>) = 0 [pid 6449] <... prctl resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6449] setpgid(0, 0 [pid 6448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... openat resumed>) = 3 [pid 5079] newfstatat(3, "", [pid 6449] <... setpgid resumed>) = 0 [pid 6448] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6449] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6448] write(3, "1000", 4 [ 272.572814][ T6447] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5079] getdents64(3, [pid 6449] <... openat resumed>) = 3 [pid 6448] <... write resumed>) = 4 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6448] close(3 [pid 6449] write(3, "1000", 4 [pid 6448] <... close resumed>) = 0 [pid 6447] <... mount resumed>) = 0 [pid 5079] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6448] symlink("/dev/binderfs", "./binderfs" [pid 6447] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6449] <... write resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6449] close(3 [pid 6448] <... symlink resumed>) = 0 [pid 6447] <... openat resumed>) = 3 [pid 5079] newfstatat(AT_FDCWD, "./269/binderfs", [pid 6449] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6449] symlink("/dev/binderfs", "./binderfs" [pid 6447] chdir("./file0" [pid 5079] unlink("./269/binderfs" [pid 6449] <... symlink resumed>) = 0 [pid 6447] <... chdir resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6449] memfd_create("syzkaller", 0 [pid 6448] memfd_create("syzkaller", 0 [pid 6447] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6449] <... memfd_create resumed>) = 3 [pid 6448] <... memfd_create resumed>) = 3 [pid 6447] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... umount2 resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6448] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6449] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6447] exit_group(0 [pid 5079] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] close(3 [pid 6449] <... mmap resumed>) = 0x7f3feae00000 [pid 6448] <... mmap resumed>) = 0x7f3feae00000 [pid 6447] <... exit_group resumed>) = ? [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./269/file0", [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./269/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6450 [pid 5079] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", ./strace-static-x86_64: Process 6450 attached [pid 6447] +++ exited with 0 +++ [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6447, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 6450] set_robust_list(0x555556d3f660, 24) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 6450] chdir("./271" [pid 5079] getdents64(4, [pid 5078] <... restart_syscall resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6450] <... chdir resumed>) = 0 [pid 5079] close(4 [pid 6450] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... close resumed>) = 0 [pid 5078] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6450] <... prctl resumed>) = 0 [pid 6449] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] rmdir("./269/file0" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6450] setpgid(0, 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6450] <... setpgid resumed>) = 0 [pid 5079] getdents64(3, [pid 5078] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] newfstatat(3, "", [pid 6450] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6450] <... openat resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 5078] getdents64(3, [pid 6450] write(3, "1000", 4 [pid 6448] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] rmdir("./269" [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6450] <... write resumed>) = 4 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] mkdir("./270", 0777 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... mkdir resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./272/binderfs", [pid 6450] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6450] <... close resumed>) = 0 [pid 5078] unlink("./272/binderfs" [pid 6450] symlink("/dev/binderfs", "./binderfs" [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6450] <... symlink resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6450] memfd_create("syzkaller", 0 [pid 6449] <... write resumed>) = 2097152 [pid 6449] munmap(0x7f3feae00000, 138412032 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6450] <... memfd_create resumed>) = 3 [pid 6449] <... munmap resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./272/file0", [pid 6450] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6449] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6450] <... mmap resumed>) = 0x7f3feae00000 [pid 6449] <... openat resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6449] ioctl(4, LOOP_SET_FD, 3 [pid 6448] <... write resumed>) = 2097152 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./272/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6449] <... ioctl resumed>) = 0 [pid 6448] munmap(0x7f3feae00000, 138412032 [pid 5078] <... openat resumed>) = 4 [pid 6448] <... munmap resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 6449] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6449] <... close resumed>) = 0 [pid 5078] getdents64(4, [pid 6449] close(4 [ 272.792565][ T6449] loop0: detected capacity change from 0 to 4096 [pid 6450] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6449] <... close resumed>) = 0 [pid 6448] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6449] mkdir("./file0", 0777 [pid 5078] getdents64(4, [pid 6448] <... openat resumed>) = 4 [pid 6449] <... mkdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6449] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6448] ioctl(4, LOOP_SET_FD, 3 [pid 5078] close(4) = 0 [pid 6448] <... ioctl resumed>) = 0 [pid 5079] close(3 [pid 5078] rmdir("./272/file0") = 0 [pid 6448] close(3 [pid 5079] <... close resumed>) = 0 [pid 5078] getdents64(3, [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6448] <... close resumed>) = 0 [pid 5078] close(3) = 0 [pid 6448] close(4 [pid 5078] rmdir("./272" [pid 6448] <... close resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6451 ./strace-static-x86_64: Process 6451 attached [pid 6451] set_robust_list(0x555556d3f660, 24 [pid 6448] mkdir("./file0", 0777 [pid 5078] <... rmdir resumed>) = 0 [pid 6451] <... set_robust_list resumed>) = 0 [ 272.841600][ T6448] loop4: detected capacity change from 0 to 4096 [ 272.860485][ T6449] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6451] chdir("./270" [pid 6448] <... mkdir resumed>) = 0 [pid 5078] mkdir("./273", 0777 [pid 6451] <... chdir resumed>) = 0 [pid 6448] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6451] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... mkdir resumed>) = 0 [pid 6451] <... prctl resumed>) = 0 [pid 6451] setpgid(0, 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6451] <... setpgid resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 6451] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6451] <... openat resumed>) = 3 [pid 6450] <... write resumed>) = 2097152 [pid 6451] write(3, "1000", 4) = 4 [pid 6451] close(3 [pid 6450] munmap(0x7f3feae00000, 138412032 [pid 6451] <... close resumed>) = 0 [pid 6450] <... munmap resumed>) = 0 [pid 6451] symlink("/dev/binderfs", "./binderfs") = 0 [ 272.893630][ T6448] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6451] memfd_create("syzkaller", 0 [pid 6450] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6451] <... memfd_create resumed>) = 3 [pid 6450] <... openat resumed>) = 4 [pid 6450] ioctl(4, LOOP_SET_FD, 3 [pid 6451] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6449] <... mount resumed>) = 0 [pid 6451] <... mmap resumed>) = 0x7f3feae00000 [pid 6449] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6449] chdir("./file0") = 0 [pid 6449] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6449] exit_group(0) = ? [pid 6449] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6449, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6448] <... mount resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6448] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6448] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6448] chdir("./file0" [pid 5076] newfstatat(AT_FDCWD, "./268/binderfs", [pid 6448] <... chdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6448] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] unlink("./268/binderfs" [pid 6448] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6448] exit_group(0 [pid 5078] <... ioctl resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 6448] <... exit_group resumed>) = ? [ 272.964545][ T6450] loop1: detected capacity change from 0 to 4096 [pid 6450] <... ioctl resumed>) = 0 [pid 6448] +++ exited with 0 +++ [pid 5078] close(3 [pid 5076] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6450] close(3 [pid 5078] <... close resumed>) = 0 [pid 6450] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6450] close(4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6448, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5080] umount2("./268", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", [pid 6450] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 6450] mkdir("./file0", 0777 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./268/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./268/binderfs" [pid 6450] <... mkdir resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6452 [pid 5076] <... umount2 resumed>) = 0 [pid 6450] mount("/dev/loop1", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 6452 attached [pid 5080] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6452] set_robust_list(0x555556d3f660, 24 [pid 6451] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6452] <... set_robust_list resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./268/file0", [pid 6452] chdir("./273" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6452] <... chdir resumed>) = 0 [pid 5076] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6452] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6452] <... prctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./268/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6452] setpgid(0, 0 [pid 5076] <... openat resumed>) = 4 [pid 6452] <... setpgid resumed>) = 0 [pid 5080] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(4, "", [pid 6452] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5080] newfstatat(AT_FDCWD, "./268/file0", [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6452] <... openat resumed>) = 3 [pid 5080] umount2("./268/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 6452] write(3, "1000", 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6452] <... write resumed>) = 4 [pid 5080] openat(AT_FDCWD, "./268/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] close(4 [pid 6452] close(3 [pid 5080] <... openat resumed>) = 4 [pid 5076] <... close resumed>) = 0 [pid 6452] <... close resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5076] rmdir("./268/file0" [pid 6452] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6452] <... symlink resumed>) = 0 [pid 6452] memfd_create("syzkaller", 0 [pid 5080] getdents64(4, [pid 5076] getdents64(3, [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [ 273.027099][ T6450] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] getdents64(4, [pid 5076] close(3 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 6452] <... memfd_create resumed>) = 3 [pid 5080] close(4 [pid 5076] rmdir("./268" [pid 5080] <... close resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6452] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] rmdir("./268/file0") = 0 [pid 6452] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] getdents64(3, [pid 5076] mkdir("./269", 0777) = 0 [pid 6451] <... write resumed>) = 2097152 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] close(3 [pid 5076] <... openat resumed>) = 3 [pid 6451] munmap(0x7f3feae00000, 138412032 [pid 5080] <... close resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5080] rmdir("./268") = 0 [pid 6451] <... munmap resumed>) = 0 [pid 6450] <... mount resumed>) = 0 [pid 5080] mkdir("./269", 0777 [pid 6451] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6450] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... mkdir resumed>) = 0 [pid 6451] <... openat resumed>) = 4 [pid 6450] <... openat resumed>) = 3 [pid 6451] ioctl(4, LOOP_SET_FD, 3 [pid 6450] chdir("./file0") = 0 [pid 6450] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6450] exit_group(0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6450] <... exit_group resumed>) = ? [pid 5080] <... openat resumed>) = 3 [pid 6450] +++ exited with 0 +++ [pid 6451] <... ioctl resumed>) = 0 [pid 6451] close(3 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6450, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6452] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6451] <... close resumed>) = 0 [pid 6451] close(4 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6451] <... close resumed>) = 0 [pid 5077] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6451] mkdir("./file0", 0777 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6451] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", [pid 6451] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5076] <... ioctl resumed>) = 0 [ 273.143217][ T6451] loop3: detected capacity change from 0 to 4096 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] close(3 [pid 5077] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6453 attached [pid 5077] newfstatat(AT_FDCWD, "./271/binderfs", [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6453 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6453] set_robust_list(0x555556d3f660, 24) = 0 [pid 5077] unlink("./271/binderfs" [pid 6453] chdir("./269" [pid 5077] <... unlink resumed>) = 0 [pid 6453] <... chdir resumed>) = 0 [pid 5077] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6453] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6452] <... write resumed>) = 2097152 [pid 6453] <... prctl resumed>) = 0 [pid 6453] setpgid(0, 0 [pid 6452] munmap(0x7f3feae00000, 138412032 [pid 6453] <... setpgid resumed>) = 0 [pid 6453] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6452] <... munmap resumed>) = 0 [pid 6453] write(3, "1000", 4 [pid 6452] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6453] <... write resumed>) = 4 [pid 6452] <... openat resumed>) = 4 [pid 6453] close(3 [pid 6452] ioctl(4, LOOP_SET_FD, 3 [pid 6453] <... close resumed>) = 0 [ 273.198022][ T6451] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5077] <... umount2 resumed>) = 0 [pid 6453] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./271/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6453] memfd_create("syzkaller", 0) = 3 [pid 6452] <... ioctl resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6452] close(3 [pid 6453] <... mmap resumed>) = 0x7f3feae00000 [pid 6452] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6452] close(4 [pid 5077] openat(AT_FDCWD, "./271/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6452] <... close resumed>) = 0 [pid 5080] close(3 [pid 5077] <... openat resumed>) = 4 [pid 6452] mkdir("./file0", 0777) = 0 [pid 5080] <... close resumed>) = 0 [pid 5077] newfstatat(4, "", [ 273.241389][ T6452] loop2: detected capacity change from 0 to 4096 [pid 6452] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, ./strace-static-x86_64: Process 6454 attached 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6454] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6454 [pid 5077] getdents64(4, [pid 6454] <... set_robust_list resumed>) = 0 [pid 6454] chdir("./269" [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6454] <... chdir resumed>) = 0 [pid 6454] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6454] setpgid(0, 0 [pid 5077] close(4 [pid 6454] <... setpgid resumed>) = 0 [pid 6454] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./271/file0" [pid 6454] <... openat resumed>) = 3 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, [pid 6454] write(3, "1000", 4) = 4 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6451] <... mount resumed>) = 0 [pid 5077] close(3 [pid 6454] close(3 [pid 5077] <... close resumed>) = 0 [pid 6454] <... close resumed>) = 0 [pid 5077] rmdir("./271" [pid 6454] symlink("/dev/binderfs", "./binderfs" [pid 6451] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6454] <... symlink resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6451] <... openat resumed>) = 3 [pid 5077] mkdir("./272", 0777 [pid 6451] chdir("./file0" [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6454] memfd_create("syzkaller", 0 [pid 5077] <... openat resumed>) = 3 [ 273.287676][ T6452] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6451] <... chdir resumed>) = 0 [pid 6451] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6454] <... memfd_create resumed>) = 3 [pid 6451] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6454] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6451] exit_group(0) = ? [pid 6453] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6451] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6451, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./270/binderfs") = 0 [pid 5079] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5079] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./270/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./270/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./270/file0") = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5079] getdents64(3, [pid 6453] <... write resumed>) = 2097152 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./270" [pid 6453] munmap(0x7f3feae00000, 138412032 [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./271", 0777) = 0 [pid 6453] <... munmap resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6453] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6454] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6453] <... openat resumed>) = 4 [pid 6453] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6455 [pid 6453] close(3./strace-static-x86_64: Process 6455 attached [pid 6452] <... mount resumed>) = 0 [pid 6455] set_robust_list(0x555556d3f660, 24 [pid 6452] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6455] <... set_robust_list resumed>) = 0 [pid 6453] <... close resumed>) = 0 [pid 6452] <... openat resumed>) = 3 [pid 6455] chdir("./272" [pid 6452] chdir("./file0" [pid 6455] <... chdir resumed>) = 0 [pid 6452] <... chdir resumed>) = 0 [pid 6455] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6452] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6453] close(4 [pid 6455] <... prctl resumed>) = 0 [pid 6452] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6455] setpgid(0, 0 [pid 6453] <... close resumed>) = 0 [pid 6455] <... setpgid resumed>) = 0 [pid 6452] exit_group(0 [pid 6455] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6453] mkdir("./file0", 0777 [pid 6452] <... exit_group resumed>) = ? [pid 6453] <... mkdir resumed>) = 0 [ 273.439970][ T6453] loop0: detected capacity change from 0 to 4096 [pid 6453] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6455] <... openat resumed>) = 3 [pid 6452] +++ exited with 0 +++ [pid 6455] write(3, "1000", 4 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6452, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6455] <... write resumed>) = 4 [pid 6455] close(3) = 0 [pid 6455] symlink("/dev/binderfs", "./binderfs" [pid 5078] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6455] <... symlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6454] <... write resumed>) = 2097152 [pid 5078] <... openat resumed>) = 3 [pid 6455] memfd_create("syzkaller", 0 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./273/binderfs", [pid 6455] <... memfd_create resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6455] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6454] munmap(0x7f3feae00000, 138412032 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] unlink("./273/binderfs") = 0 [pid 5078] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6455] <... mmap resumed>) = 0x7f3feae00000 [ 273.494875][ T6453] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6456 attached [pid 6456] set_robust_list(0x555556d3f660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6456 [pid 6456] <... set_robust_list resumed>) = 0 [pid 6456] chdir("./271") = 0 [pid 6454] <... munmap resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6456] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6454] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./273/file0", [pid 6456] <... prctl resumed>) = 0 [pid 6454] <... openat resumed>) = 4 [pid 6453] <... mount resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6454] ioctl(4, LOOP_SET_FD, 3 [pid 5078] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6456] setpgid(0, 0) = 0 [pid 6453] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6453] <... openat resumed>) = 3 [pid 6456] <... openat resumed>) = 3 [pid 6453] chdir("./file0") = 0 [pid 6456] write(3, "1000", 4 [pid 6453] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6456] <... write resumed>) = 4 [pid 6454] <... ioctl resumed>) = 0 [pid 6453] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./273/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", [pid 6456] close(3) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6454] close(3 [pid 6456] symlink("/dev/binderfs", "./binderfs" [pid 6454] <... close resumed>) = 0 [pid 6453] exit_group(0 [pid 5078] getdents64(4, [pid 6456] <... symlink resumed>) = 0 [pid 6454] close(4 [pid 6453] <... exit_group resumed>) = ? [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6456] memfd_create("syzkaller", 0 [pid 6454] <... close resumed>) = 0 [pid 6453] +++ exited with 0 +++ [pid 5078] getdents64(4, [pid 6454] mkdir("./file0", 0777 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6453, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5078] close(4 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5078] <... close resumed>) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [pid 6454] <... mkdir resumed>) = 0 [pid 5078] rmdir("./273/file0" [pid 6454] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6456] <... memfd_create resumed>) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW [ 273.580561][ T6454] loop4: detected capacity change from 0 to 4096 [pid 6456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] getdents64(3, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6456] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./269/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./269/binderfs") = 0 [pid 5076] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(3 [pid 5076] <... umount2 resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5076] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./269/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6455] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] rmdir("./273" [pid 5076] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./274", 0777) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./269/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./269/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./269") = 0 [pid 5076] mkdir("./270", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 273.624282][ T6454] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6455] <... write resumed>) = 2097152 [pid 6455] munmap(0x7f3feae00000, 138412032 [pid 6456] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6455] <... munmap resumed>) = 0 [pid 6455] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6454] <... mount resumed>) = 0 [pid 6455] <... openat resumed>) = 4 [pid 6454] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6455] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... ioctl resumed>) = 0 [pid 6454] chdir("./file0" [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6454] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6457 attached [pid 6454] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6457] set_robust_list(0x555556d3f660, 24 [pid 6454] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6457] <... set_robust_list resumed>) = 0 [pid 6454] exit_group(0 [pid 6457] chdir("./274" [pid 6455] <... ioctl resumed>) = 0 [pid 6454] <... exit_group resumed>) = ? [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6457 [pid 6457] <... chdir resumed>) = 0 [pid 6455] close(3 [pid 6457] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6454] +++ exited with 0 +++ [pid 5076] <... ioctl resumed>) = 0 [pid 6457] <... prctl resumed>) = 0 [pid 6455] <... close resumed>) = 0 [pid 6457] setpgid(0, 0 [pid 6455] close(4 [pid 6457] <... setpgid resumed>) = 0 [pid 6457] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6455] <... close resumed>) = 0 [pid 6457] <... openat resumed>) = 3 [pid 6455] mkdir("./file0", 0777 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6454, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 6457] write(3, "1000", 4 [pid 5080] umount2("./269", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6457] <... write resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(3 [pid 6457] close(3 [pid 6456] <... write resumed>) = 2097152 [pid 6455] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 6457] <... close resumed>) = 0 [pid 6455] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] <... openat resumed>) = 3 [ 273.743528][ T6455] loop1: detected capacity change from 0 to 4096 [pid 6457] symlink("/dev/binderfs", "./binderfs" [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6457] <... symlink resumed>) = 0 [pid 6457] memfd_create("syzkaller", 0 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 6456] munmap(0x7f3feae00000, 138412032 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6457] <... memfd_create resumed>) = 3 [pid 6456] <... munmap resumed>) = 0 [pid 5080] umount2("./269/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6457] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6457] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] newfstatat(AT_FDCWD, "./269/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./269/binderfs") = 0 [pid 5080] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6456] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6456] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6458 attached [pid 6458] set_robust_list(0x555556d3f660, 24 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6458 [pid 6458] <... set_robust_list resumed>) = 0 [pid 6458] chdir("./270") = 0 [pid 6458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6458] setpgid(0, 0 [pid 5080] <... umount2 resumed>) = 0 [pid 6458] <... setpgid resumed>) = 0 [pid 6455] <... mount resumed>) = 0 [pid 6458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6455] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6458] <... openat resumed>) = 3 [pid 6455] <... openat resumed>) = 3 [pid 6458] write(3, "1000", 4 [pid 6455] chdir("./file0" [pid 6458] <... write resumed>) = 4 [pid 6455] <... chdir resumed>) = 0 [pid 6458] close(3 [pid 6455] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6458] <... close resumed>) = 0 [pid 6455] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6458] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6455] exit_group(0 [pid 5080] newfstatat(AT_FDCWD, "./269/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6456] <... ioctl resumed>) = 0 [pid 5080] umount2("./269/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6458] <... symlink resumed>) = 0 [pid 6456] close(3 [pid 6455] <... exit_group resumed>) = ? [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6456] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./269/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6456] close(4 [pid 5080] <... openat resumed>) = 4 [pid 6456] <... close resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 6456] mkdir("./file0", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6456] <... mkdir resumed>) = 0 [pid 5080] getdents64(4, [pid 6456] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [ 273.793123][ T6455] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 273.824936][ T6456] loop3: detected capacity change from 0 to 4096 [pid 5080] rmdir("./269/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./269") = 0 [pid 5080] mkdir("./270", 0777 [pid 6458] memfd_create("syzkaller", 0 [pid 6455] +++ exited with 0 +++ [pid 5080] <... mkdir resumed>) = 0 [pid 6458] <... memfd_create resumed>) = 3 [pid 6458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6455, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... openat resumed>) = 3 [pid 5077] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./272/binderfs") = 0 [pid 5077] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6457] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./272/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./272/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [ 273.880169][ T6456] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5077] rmdir("./272/file0") = 0 [pid 5077] getdents64(3, [pid 6456] <... mount resumed>) = 0 [pid 6456] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6456] <... openat resumed>) = 3 [pid 5077] close(3 [pid 6456] chdir("./file0") = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./272" [pid 6456] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... rmdir resumed>) = 0 [pid 6456] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6456] exit_group(0) = ? [pid 5077] mkdir("./273", 0777) = 0 [pid 6458] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6456] +++ exited with 0 +++ [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6456, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./271/binderfs" [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6457] <... write resumed>) = 2097152 [pid 5080] close(3) = 0 [pid 5079] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./271/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./271/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, ./strace-static-x86_64: Process 6459 attached 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6459] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6459 [pid 5079] getdents64(4, [pid 6457] munmap(0x7f3feae00000, 138412032 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6459] <... set_robust_list resumed>) = 0 [pid 5079] close(4 [pid 6459] chdir("./270") = 0 [pid 6459] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6459] setpgid(0, 0) = 0 [pid 6459] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./271/file0" [pid 6459] <... openat resumed>) = 3 [pid 5079] <... rmdir resumed>) = 0 [pid 5079] getdents64(3, [pid 6459] write(3, "1000", 4 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3 [pid 6459] <... write resumed>) = 4 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./271" [pid 6459] close(3 [pid 6457] <... munmap resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6457] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6457] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6459] <... close resumed>) = 0 [pid 5079] mkdir("./272", 0777 [pid 6459] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6458] <... write resumed>) = 2097152 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6458] munmap(0x7f3feae00000, 138412032 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6459] memfd_create("syzkaller", 0 [pid 6457] close(3 [pid 6459] <... memfd_create resumed>) = 3 [pid 6459] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6457] <... close resumed>) = 0 [pid 6457] close(4 [pid 5077] close(3 [pid 6457] <... close resumed>) = 0 [pid 6457] mkdir("./file0", 0777 [pid 5077] <... close resumed>) = 0 [pid 6457] <... mkdir resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6458] <... munmap resumed>) = 0 [pid 6458] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6457] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6458] <... openat resumed>) = 4 [pid 6458] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6460 ./strace-static-x86_64: Process 6460 attached [ 274.042134][ T6457] loop2: detected capacity change from 0 to 4096 [ 274.080103][ T6457] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6460] set_robust_list(0x555556d3f660, 24) = 0 [pid 6460] chdir("./273") = 0 [pid 6460] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6460] setpgid(0, 0) = 0 [pid 6460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6458] <... ioctl resumed>) = 0 [pid 6458] close(3 [pid 6460] write(3, "1000", 4 [pid 6458] <... close resumed>) = 0 [pid 6460] <... write resumed>) = 4 [pid 6458] close(4 [pid 6460] close(3 [pid 6458] <... close resumed>) = 0 [pid 6460] <... close resumed>) = 0 [pid 6458] mkdir("./file0", 0777 [pid 6460] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6460] memfd_create("syzkaller", 0) = 3 [pid 6460] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6458] <... mkdir resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [ 274.091630][ T6458] loop0: detected capacity change from 0 to 4096 [pid 6458] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6461 [pid 6459] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 6461 attached [pid 6461] set_robust_list(0x555556d3f660, 24) = 0 [pid 6461] chdir("./272") = 0 [pid 6461] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6461] setpgid(0, 0 [pid 6460] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6461] <... setpgid resumed>) = 0 [pid 6461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6461] write(3, "1000", 4) = 4 [pid 6461] close(3) = 0 [ 274.144225][ T6458] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6461] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6461] memfd_create("syzkaller", 0 [pid 6458] <... mount resumed>) = 0 [pid 6457] <... mount resumed>) = 0 [pid 6457] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6461] <... memfd_create resumed>) = 3 [pid 6458] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6458] <... openat resumed>) = 3 [pid 6457] chdir("./file0" [pid 6458] chdir("./file0" [pid 6457] <... chdir resumed>) = 0 [pid 6458] <... chdir resumed>) = 0 [pid 6457] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6458] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6457] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6457] exit_group(0) = ? [pid 6458] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6457] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6457, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6458] exit_group(0) = ? [pid 5078] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", [pid 6459] <... write resumed>) = 2097152 [pid 6459] munmap(0x7f3feae00000, 138412032 [pid 6458] +++ exited with 0 +++ [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6458, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5078] getdents64(3, [pid 5076] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(3, [pid 5078] newfstatat(AT_FDCWD, "./274/binderfs", [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] unlink("./274/binderfs") = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6461] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6460] <... write resumed>) = 2097152 [pid 6459] <... munmap resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5076] unlink("./270/binderfs" [pid 6460] munmap(0x7f3feae00000, 138412032 [pid 5078] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./274/file0", [pid 5076] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5078] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./274/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./270/file0", [pid 5078] <... openat resumed>) = 4 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] newfstatat(4, "", [pid 5076] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./270/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... openat resumed>) = 4 [pid 6459] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] getdents64(4, [pid 5076] newfstatat(4, "", [pid 6459] <... openat resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6459] ioctl(4, LOOP_SET_FD, 3 [pid 5076] getdents64(4, [pid 6460] <... munmap resumed>) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] close(4) = 0 [pid 5076] getdents64(4, [pid 5078] rmdir("./274/file0" [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./270/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./270" [pid 6460] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./271", 0777) = 0 [pid 6460] <... openat resumed>) = 4 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] getdents64(3, [pid 6460] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6459] <... ioctl resumed>) = 0 [pid 6459] close(3) = 0 [pid 6459] close(4) = 0 [pid 6460] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 6459] mkdir("./file0", 0777 [pid 5078] rmdir("./274" [pid 6460] close(3) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6460] close(4 [pid 5078] mkdir("./275", 0777 [pid 6460] <... close resumed>) = 0 [pid 6460] mkdir("./file0", 0777) = 0 [ 274.324388][ T6459] loop4: detected capacity change from 0 to 4096 [ 274.344080][ T6460] loop1: detected capacity change from 0 to 4096 [pid 6459] <... mkdir resumed>) = 0 [pid 6461] <... write resumed>) = 2097152 [pid 6460] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5078] <... mkdir resumed>) = 0 [pid 6459] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6461] munmap(0x7f3feae00000, 138412032 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6461] <... munmap resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6461] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... ioctl resumed>) = 0 [ 274.377940][ T6460] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 274.383104][ T6459] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6461] <... openat resumed>) = 4 [pid 6460] <... mount resumed>) = 0 [pid 5076] close(3 [pid 6461] ioctl(4, LOOP_SET_FD, 3 [pid 6460] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6462 ./strace-static-x86_64: Process 6462 attached [pid 6462] set_robust_list(0x555556d3f660, 24) = 0 [pid 6462] chdir("./271") = 0 [pid 6462] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6462] setpgid(0, 0) = 0 [pid 6462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6462] write(3, "1000", 4) = 4 [pid 6462] close(3) = 0 [pid 6462] symlink("/dev/binderfs", "./binderfs" [pid 6460] <... openat resumed>) = 3 [pid 6460] chdir("./file0" [pid 6462] <... symlink resumed>) = 0 [pid 6460] <... chdir resumed>) = 0 [pid 6460] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6460] exit_group(0 [pid 6461] <... ioctl resumed>) = 0 [pid 6460] <... exit_group resumed>) = ? [pid 6462] memfd_create("syzkaller", 0 [pid 6461] close(3 [pid 6460] +++ exited with 0 +++ [pid 6461] <... close resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6460, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6461] close(4 [pid 5078] close(3 [pid 6462] <... memfd_create resumed>) = 3 [ 274.443474][ T6461] loop3: detected capacity change from 0 to 4096 [pid 6461] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6462] <... mmap resumed>) = 0x7f3feae00000 [pid 6461] mkdir("./file0", 0777 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6461] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6461] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6463 attached [pid 5077] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6463 [pid 6463] set_robust_list(0x555556d3f660, 24 [pid 5077] newfstatat(AT_FDCWD, "./273/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./273/binderfs" [pid 6463] <... set_robust_list resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5077] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6463] chdir("./275" [pid 6459] <... mount resumed>) = 0 [pid 6459] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6463] <... chdir resumed>) = 0 [pid 6459] <... openat resumed>) = 3 [pid 6459] chdir("./file0" [pid 6463] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6459] <... chdir resumed>) = 0 [pid 6463] <... prctl resumed>) = 0 [pid 6463] setpgid(0, 0 [pid 6459] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6463] <... setpgid resumed>) = 0 [pid 6459] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... umount2 resumed>) = 0 [pid 6459] exit_group(0 [pid 6463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6459] <... exit_group resumed>) = ? [pid 5077] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6463] <... openat resumed>) = 3 [pid 6461] <... mount resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6463] write(3, "1000", 4 [pid 5077] newfstatat(AT_FDCWD, "./273/file0", [pid 6463] <... write resumed>) = 4 [pid 6463] close(3 [pid 6461] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 274.520824][ T6461] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6459] +++ exited with 0 +++ [pid 6461] <... openat resumed>) = 3 [pid 5077] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./273/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6463] <... close resumed>) = 0 [pid 6461] chdir("./file0") = 0 [pid 5077] <... openat resumed>) = 4 [pid 6463] symlink("/dev/binderfs", "./binderfs" [pid 6461] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6459, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5077] newfstatat(4, "", [pid 6461] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6463] <... symlink resumed>) = 0 [pid 5077] getdents64(4, [pid 5080] umount2("./270", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6461] exit_group(0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6461] <... exit_group resumed>) = ? [pid 5080] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] getdents64(4, [pid 5080] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] close(4 [pid 5080] getdents64(3, [pid 5077] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] rmdir("./273/file0" [pid 5080] umount2("./270/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5080] unlink("./270/binderfs" [pid 6463] memfd_create("syzkaller", 0 [pid 5080] <... unlink resumed>) = 0 [pid 5077] getdents64(3, [pid 5080] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 6463] <... memfd_create resumed>) = 3 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./273" [pid 6463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6461] +++ exited with 0 +++ [pid 5080] <... umount2 resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6461, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5077] mkdir("./274", 0777 [pid 5080] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... mkdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./270/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5080] umount2("./270/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(3, "", [pid 5080] openat(AT_FDCWD, "./270/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 5079] getdents64(3, [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6462] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./270/file0" [pid 5079] newfstatat(AT_FDCWD, "./272/binderfs", [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./270") = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./272/binderfs") = 0 [pid 5079] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] mkdir("./271", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... umount2 resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5079] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./272/file0", [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6463] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./272/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", [pid 6462] <... write resumed>) = 2097152 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6462] munmap(0x7f3feae00000, 138412032) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6462] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6462] ioctl(4, LOOP_SET_FD, 3 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 6462] <... ioctl resumed>) = 0 [pid 6462] close(3) = 0 [pid 6462] close(4) = 0 [pid 6462] mkdir("./file0", 0777) = 0 [pid 5079] rmdir("./272/file0" [pid 6462] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5077] <... ioctl resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] close(3 [pid 6463] <... write resumed>) = 2097152 [pid 5079] getdents64(3, [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6463] munmap(0x7f3feae00000, 138412032 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6464 [pid 5079] close(3 [pid 6463] <... munmap resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./272") = 0 [ 274.665945][ T6462] loop0: detected capacity change from 0 to 4096 [ 274.701017][ T6462] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] mkdir("./273", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 6464 attached [pid 6464] set_robust_list(0x555556d3f660, 24 [pid 5079] <... openat resumed>) = 3 [pid 6464] <... set_robust_list resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6464] chdir("./274") = 0 [pid 6464] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6463] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6464] <... prctl resumed>) = 0 [pid 6464] setpgid(0, 0 [pid 6463] <... openat resumed>) = 4 [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3 [pid 6464] <... setpgid resumed>) = 0 [pid 6463] ioctl(4, LOOP_SET_FD, 3 [pid 6464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] <... close resumed>) = 0 [pid 6464] write(3, "1000", 4 [pid 6463] <... ioctl resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6464] <... write resumed>) = 4 [pid 6463] close(3 [pid 6464] close(3 [pid 6463] <... close resumed>) = 0 [pid 6464] <... close resumed>) = 0 [pid 6463] close(4./strace-static-x86_64: Process 6465 attached [pid 6464] symlink("/dev/binderfs", "./binderfs" [pid 6463] <... close resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 6463] mkdir("./file0", 0777 [pid 6464] <... symlink resumed>) = 0 [pid 6463] <... mkdir resumed>) = 0 [pid 5079] close(3 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6465 [pid 5079] <... close resumed>) = 0 [pid 6465] set_robust_list(0x555556d3f660, 24 [pid 6464] memfd_create("syzkaller", 0 [pid 6463] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6462] <... mount resumed>) = 0 [pid 6462] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6462] chdir("./file0") = 0 [ 274.771557][ T6463] loop2: detected capacity change from 0 to 4096 [pid 6462] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6462] exit_group(0) = ? [pid 6462] +++ exited with 0 +++ ./strace-static-x86_64: Process 6466 attached [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6462, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 6466] set_robust_list(0x555556d3f660, 24 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 6466] <... set_robust_list resumed>) = 0 [pid 6466] chdir("./273" [pid 5076] <... restart_syscall resumed>) = 0 [pid 5076] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./271/binderfs" [pid 6466] <... chdir resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 6466] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6466] <... prctl resumed>) = 0 [pid 6466] setpgid(0, 0 [pid 6465] <... set_robust_list resumed>) = 0 [pid 6464] <... memfd_create resumed>) = 3 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6466 [pid 5076] <... umount2 resumed>) = 0 [pid 6464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6466] <... setpgid resumed>) = 0 [pid 6465] chdir("./271" [pid 6464] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6465] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./271/file0", [pid 6466] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6466] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6465] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] openat(AT_FDCWD, "./271/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6466] write(3, "1000", 4 [pid 5076] <... openat resumed>) = 4 [pid 6466] <... write resumed>) = 4 [pid 6465] <... prctl resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 6466] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6465] setpgid(0, 0 [pid 6466] <... close resumed>) = 0 [pid 6465] <... setpgid resumed>) = 0 [pid 5076] getdents64(4, [pid 6466] symlink("/dev/binderfs", "./binderfs" [pid 6465] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6466] <... symlink resumed>) = 0 [pid 5076] getdents64(4, [pid 6466] memfd_create("syzkaller", 0 [pid 6465] <... openat resumed>) = 3 [ 274.831966][ T6463] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6465] write(3, "1000", 4 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6465] <... write resumed>) = 4 [pid 6465] close(3 [pid 6463] <... mount resumed>) = 0 [pid 6466] <... memfd_create resumed>) = 3 [pid 6465] <... close resumed>) = 0 [pid 6463] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] close(4) = 0 [pid 6466] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] rmdir("./271/file0" [pid 6463] <... openat resumed>) = 3 [pid 6465] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6464] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6463] chdir("./file0" [pid 5076] <... rmdir resumed>) = 0 [pid 6465] memfd_create("syzkaller", 0 [pid 6463] <... chdir resumed>) = 0 [pid 5076] getdents64(3, [pid 6463] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./271" [pid 6463] exit_group(0 [pid 6465] <... memfd_create resumed>) = 3 [pid 6463] <... exit_group resumed>) = ? [pid 5076] <... rmdir resumed>) = 0 [pid 6465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] mkdir("./272", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6463] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6463, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 6466] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./275/binderfs") = 0 [pid 5078] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6464] <... write resumed>) = 2097152 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6464] munmap(0x7f3feae00000, 138412032 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./275/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./275/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 6466] <... write resumed>) = 2097152 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./275/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./275") = 0 [pid 5078] mkdir("./276", 0777 [pid 6464] <... munmap resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 6464] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6466] munmap(0x7f3feae00000, 138412032 [pid 6465] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... ioctl resumed>) = 0 [pid 6464] <... openat resumed>) = 4 [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6466] <... munmap resumed>) = 0 [pid 6464] ioctl(4, LOOP_SET_FD, 3 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6467 attached , child_tidptr=0x555556d3f650) = 6467 [pid 6464] <... ioctl resumed>) = 0 [pid 6467] set_robust_list(0x555556d3f660, 24 [pid 6464] close(3) = 0 [pid 6464] close(4 [pid 6467] <... set_robust_list resumed>) = 0 [pid 6464] <... close resumed>) = 0 [pid 6467] chdir("./272" [pid 6464] mkdir("./file0", 0777 [pid 6467] <... chdir resumed>) = 0 [pid 6467] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6464] <... mkdir resumed>) = 0 [pid 6467] <... prctl resumed>) = 0 [pid 6464] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6467] setpgid(0, 0) = 0 [pid 6467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6466] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6467] write(3, "1000", 4) = 4 [pid 6466] <... openat resumed>) = 4 [pid 6465] <... write resumed>) = 2097152 [pid 6466] ioctl(4, LOOP_SET_FD, 3 [pid 6467] close(3 [pid 6465] munmap(0x7f3feae00000, 138412032) = 0 [pid 6467] <... close resumed>) = 0 [pid 6467] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6466] <... ioctl resumed>) = 0 [pid 6466] close(3) = 0 [pid 6467] memfd_create("syzkaller", 0 [ 275.041017][ T6464] loop1: detected capacity change from 0 to 4096 [ 275.060927][ T6464] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 275.082823][ T6466] loop3: detected capacity change from 0 to 4096 [pid 6466] close(4 [pid 6467] <... memfd_create resumed>) = 3 [pid 6466] <... close resumed>) = 0 [pid 6465] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6465] ioctl(4, LOOP_SET_FD, 3 [pid 6466] mkdir("./file0", 0777 [pid 6465] <... ioctl resumed>) = 0 [pid 6467] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6466] <... mkdir resumed>) = 0 [pid 6467] <... mmap resumed>) = 0x7f3feae00000 [pid 6466] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6464] <... mount resumed>) = 0 [pid 6464] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... ioctl resumed>) = 0 [pid 6465] close(3) = 0 [pid 6465] close(4) = 0 [pid 6465] mkdir("./file0", 0777) = 0 [pid 6465] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] close(3 [pid 6464] <... openat resumed>) = 3 [pid 6464] chdir("./file0" [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6464] <... chdir resumed>) = 0 [pid 6464] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6468 ./strace-static-x86_64: Process 6468 attached [pid 6468] set_robust_list(0x555556d3f660, 24) = 0 [pid 6468] chdir("./276") = 0 [pid 6468] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6468] setpgid(0, 0) = 0 [pid 6464] exit_group(0 [pid 6468] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6468] write(3, "1000", 4) = 4 [pid 6468] close(3) = 0 [pid 6468] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6468] memfd_create("syzkaller", 0) = 3 [pid 6468] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 275.111714][ T6465] loop4: detected capacity change from 0 to 4096 [ 275.137241][ T6466] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 275.151862][ T6465] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6464] <... exit_group resumed>) = ? [pid 6468] <... mmap resumed>) = 0x7f3feae00000 [pid 6464] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6464, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5077] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6466] <... mount resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./274/binderfs", [pid 6466] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6466] <... openat resumed>) = 3 [pid 5077] unlink("./274/binderfs" [pid 6466] chdir("./file0" [pid 6467] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6466] <... chdir resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 6466] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5077] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6466] exit_group(0) = ? [pid 6465] <... mount resumed>) = 0 [pid 6466] +++ exited with 0 +++ [pid 5077] <... umount2 resumed>) = 0 [pid 6465] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6466, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 6465] <... openat resumed>) = 3 [pid 5077] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6465] chdir("./file0") = 0 [pid 5079] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6465] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./274/file0", [pid 6465] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6465] exit_group(0 [pid 5079] <... openat resumed>) = 3 [pid 5077] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6465] <... exit_group resumed>) = ? [pid 5079] newfstatat(3, "", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6467] <... write resumed>) = 2097152 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] openat(AT_FDCWD, "./274/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] getdents64(3, [pid 6467] munmap(0x7f3feae00000, 138412032 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... openat resumed>) = 4 [pid 5079] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(4, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] newfstatat(AT_FDCWD, "./273/binderfs", [pid 5077] getdents64(4, [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] unlink("./273/binderfs" [pid 5077] getdents64(4, [pid 6465] +++ exited with 0 +++ [pid 5079] <... unlink resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] close(4 [pid 6468] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6467] <... munmap resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6465, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=5 /* 0.05 s */} --- [pid 5079] <... umount2 resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5080] umount2("./271", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] rmdir("./274/file0" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... rmdir resumed>) = 0 [pid 5080] umount2("./271/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6467] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] newfstatat(AT_FDCWD, "./271/binderfs", [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6467] <... openat resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6467] ioctl(4, LOOP_SET_FD, 3 [pid 5080] unlink("./271/binderfs" [pid 5077] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./273/file0", [pid 5077] rmdir("./274" [pid 5080] <... unlink resumed>) = 0 [pid 5080] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./275", 0777 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5080] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6468] <... write resumed>) = 2097152 [pid 6467] <... ioctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] newfstatat(AT_FDCWD, "./271/file0", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6468] munmap(0x7f3feae00000, 138412032 [pid 6467] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] openat(AT_FDCWD, "./273/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... openat resumed>) = 3 [pid 6467] <... close resumed>) = 0 [pid 5080] umount2("./271/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6467] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6468] <... munmap resumed>) = 0 [pid 6467] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./271/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... openat resumed>) = 4 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6468] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6467] mkdir("./file0", 0777 [pid 5080] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", [pid 6468] <... openat resumed>) = 4 [ 275.317640][ T6467] loop0: detected capacity change from 0 to 4096 [ 275.355518][ T6468] loop2: detected capacity change from 0 to 4096 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6467] <... mkdir resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 6468] ioctl(4, LOOP_SET_FD, 3 [pid 6467] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./273/file0") = 0 [pid 6468] <... ioctl resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] getdents64(3, [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./273") = 0 [pid 6468] close(3) = 0 [pid 6468] close(4) = 0 [pid 5080] getdents64(4, [pid 5079] mkdir("./274", 0777 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5080] close(4) = 0 [pid 6468] mkdir("./file0", 0777 [ 275.356140][ T6467] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5080] rmdir("./271/file0" [pid 6468] <... mkdir resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6468] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./271") = 0 [pid 5080] mkdir("./272", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5077] <... ioctl resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5077] close(3) = 0 [ 275.421874][ T6468] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6467] <... mount resumed>) = 0 [pid 6467] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6469 ./strace-static-x86_64: Process 6469 attached [pid 6469] set_robust_list(0x555556d3f660, 24) = 0 [pid 6467] <... openat resumed>) = 3 [pid 6467] chdir("./file0" [pid 6469] chdir("./275" [pid 6468] <... mount resumed>) = 0 [pid 6467] <... chdir resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 6469] <... chdir resumed>) = 0 [pid 6468] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6469] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6468] chdir("./file0" [pid 6469] setpgid(0, 0 [pid 6468] <... chdir resumed>) = 0 [pid 6468] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6469] <... setpgid resumed>) = 0 [pid 6468] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6469] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6468] exit_group(0 [pid 6469] <... openat resumed>) = 3 [pid 6468] <... exit_group resumed>) = ? [pid 6469] write(3, "1000", 4 [pid 6468] +++ exited with 0 +++ [pid 6469] <... write resumed>) = 4 [pid 6469] close(3) = 0 [pid 6469] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6468, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6469] memfd_create("syzkaller", 0 [pid 6467] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] close(3 [pid 6469] <... memfd_create resumed>) = 3 [pid 6467] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6467] exit_group(0 [pid 5079] <... close resumed>) = 0 [pid 5078] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6469] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6469] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6467] <... exit_group resumed>) = ? [pid 5078] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6470 [pid 6467] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6467, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- ./strace-static-x86_64: Process 6470 attached [pid 6470] set_robust_list(0x555556d3f660, 24 [pid 5078] <... openat resumed>) = 3 [pid 5076] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6470] <... set_robust_list resumed>) = 0 [pid 6470] chdir("./274" [pid 5078] newfstatat(3, "", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6470] <... chdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6470] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6470] <... prctl resumed>) = 0 [pid 5078] getdents64(3, [pid 5076] <... openat resumed>) = 3 [pid 6470] setpgid(0, 0 [pid 5076] newfstatat(3, "", [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6470] <... setpgid resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] getdents64(3, [pid 6470] <... openat resumed>) = 3 [pid 6470] write(3, "1000", 4 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6470] <... write resumed>) = 4 [pid 5076] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6470] close(3) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6470] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... ioctl resumed>) = 0 [pid 5078] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./272/binderfs", [pid 6470] <... symlink resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] unlink("./272/binderfs") = 0 [pid 5076] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(AT_FDCWD, "./276/binderfs", [pid 5080] close(3) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6469] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 6471 attached [pid 6470] memfd_create("syzkaller", 0 [pid 5078] unlink("./276/binderfs" [pid 5076] <... umount2 resumed>) = 0 [pid 6471] set_robust_list(0x555556d3f660, 24 [pid 5076] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6471] <... set_robust_list resumed>) = 0 [pid 6470] <... memfd_create resumed>) = 3 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6471 [pid 5078] <... unlink resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] newfstatat(AT_FDCWD, "./272/file0", [pid 6470] <... mmap resumed>) = 0x7f3feae00000 [pid 6471] chdir("./272" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6471] <... chdir resumed>) = 0 [pid 6471] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6471] setpgid(0, 0) = 0 [pid 6471] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6471] <... openat resumed>) = 3 [pid 6471] write(3, "1000", 4) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6471] close(3 [pid 5076] openat(AT_FDCWD, "./272/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6471] <... close resumed>) = 0 [pid 6471] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... umount2 resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 5078] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(4, [pid 6471] <... symlink resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./276/file0", [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] close(4 [pid 6471] memfd_create("syzkaller", 0 [pid 5076] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./272/file0" [pid 5078] openat(AT_FDCWD, "./276/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 6471] <... memfd_create resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6471] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... openat resumed>) = 4 [pid 5076] close(3 [pid 6471] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] newfstatat(4, "", [pid 6470] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... close resumed>) = 0 [pid 5078] getdents64(4, [pid 5076] rmdir("./272") = 0 [pid 5076] mkdir("./273", 0777 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... mkdir resumed>) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./276/file0") = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./276") = 0 [pid 6469] <... write resumed>) = 2097152 [pid 5078] mkdir("./277", 0777 [pid 6469] munmap(0x7f3feae00000, 138412032 [pid 6471] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6469] <... munmap resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 6470] <... write resumed>) = 2097152 [pid 6469] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6470] munmap(0x7f3feae00000, 138412032 [pid 6469] <... openat resumed>) = 4 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6469] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... openat resumed>) = 3 [pid 6470] <... munmap resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6470] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6469] <... ioctl resumed>) = 0 [pid 6470] <... openat resumed>) = 4 [pid 6469] close(3 [pid 6471] <... write resumed>) = 2097152 [pid 6469] <... close resumed>) = 0 [pid 6469] close(4 [pid 6470] ioctl(4, LOOP_SET_FD, 3 [pid 6469] <... close resumed>) = 0 [pid 6471] munmap(0x7f3feae00000, 138412032 [pid 6469] mkdir("./file0", 0777) = 0 [ 275.678067][ T6469] loop1: detected capacity change from 0 to 4096 [ 275.713297][ T6470] loop3: detected capacity change from 0 to 4096 [pid 6469] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6470] <... ioctl resumed>) = 0 [pid 6471] <... munmap resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6471] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6471] ioctl(4, LOOP_SET_FD, 3 [pid 5076] close(3 [pid 6470] close(3) = 0 [pid 6470] close(4) = 0 [pid 5076] <... close resumed>) = 0 [pid 6471] <... ioctl resumed>) = 0 [pid 6470] mkdir("./file0", 0777 [pid 5078] <... ioctl resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6471] close(3 [pid 5078] close(3 [pid 6470] <... mkdir resumed>) = 0 [pid 6470] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6472 [pid 6471] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6471] close(4 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6473 attached ./strace-static-x86_64: Process 6472 attached [pid 6471] <... close resumed>) = 0 [pid 6472] set_robust_list(0x555556d3f660, 24 [pid 6471] mkdir("./file0", 0777 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6473 [pid 6473] set_robust_list(0x555556d3f660, 24) = 0 [pid 6472] <... set_robust_list resumed>) = 0 [pid 6473] chdir("./277" [pid 6472] chdir("./273" [pid 6473] <... chdir resumed>) = 0 [pid 6472] <... chdir resumed>) = 0 [pid 6473] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6472] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6473] <... prctl resumed>) = 0 [pid 6472] <... prctl resumed>) = 0 [pid 6473] setpgid(0, 0 [pid 6472] setpgid(0, 0 [pid 6473] <... setpgid resumed>) = 0 [pid 6472] <... setpgid resumed>) = 0 [pid 6473] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6472] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6473] write(3, "1000", 4 [pid 6469] <... mount resumed>) = 0 [pid 6473] <... write resumed>) = 4 [ 275.737721][ T6469] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 275.757760][ T6471] loop4: detected capacity change from 0 to 4096 [ 275.778518][ T6470] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6473] close(3 [pid 6472] <... openat resumed>) = 3 [pid 6471] <... mkdir resumed>) = 0 [pid 6469] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6473] <... close resumed>) = 0 [pid 6472] write(3, "1000", 4 [pid 6471] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6473] symlink("/dev/binderfs", "./binderfs" [pid 6472] <... write resumed>) = 4 [pid 6472] close(3) = 0 [pid 6473] <... symlink resumed>) = 0 [pid 6472] symlink("/dev/binderfs", "./binderfs" [pid 6469] <... openat resumed>) = 3 [pid 6472] <... symlink resumed>) = 0 [pid 6472] memfd_create("syzkaller", 0 [pid 6469] chdir("./file0") = 0 [pid 6472] <... memfd_create resumed>) = 3 [pid 6469] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6469] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6472] <... mmap resumed>) = 0x7f3feae00000 [pid 6473] memfd_create("syzkaller", 0 [pid 6469] exit_group(0 [pid 6473] <... memfd_create resumed>) = 3 [pid 6469] <... exit_group resumed>) = ? [pid 6473] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6469] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6469, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5077] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 275.824525][ T6471] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./275/binderfs") = 0 [pid 5077] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5077] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./275/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./275/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6470] <... mount resumed>) = 0 [pid 5077] getdents64(4, [pid 6470] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6472] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6470] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 6470] chdir("./file0" [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6470] <... chdir resumed>) = 0 [pid 5077] close(4 [pid 6470] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... close resumed>) = 0 [pid 6470] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] rmdir("./275/file0" [pid 6470] exit_group(0 [pid 6473] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6471] <... mount resumed>) = 0 [pid 6470] <... exit_group resumed>) = ? [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, [pid 6470] +++ exited with 0 +++ [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6471] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] close(3 [pid 6471] <... openat resumed>) = 3 [pid 6471] chdir("./file0") = 0 [pid 6471] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6471] exit_group(0) = ? [pid 6471] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6470, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./275" [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6471, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./276", 0777 [pid 5080] umount2("./272", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] <... mkdir resumed>) = 0 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] umount2("./272/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5080] unlink("./272/binderfs") = 0 [pid 5080] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5080] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6473] <... write resumed>) = 2097152 [pid 6472] <... write resumed>) = 2097152 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6473] munmap(0x7f3feae00000, 138412032 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6472] munmap(0x7f3feae00000, 138412032 [pid 5080] newfstatat(AT_FDCWD, "./272/file0", [pid 6472] <... munmap resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] newfstatat(AT_FDCWD, "./274/binderfs", [pid 5080] umount2("./272/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./272/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6473] <... munmap resumed>) = 0 [pid 6472] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./274/binderfs" [pid 6473] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6472] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 5077] <... ioctl resumed>) = 0 [pid 6472] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5077] close(3) = 0 [pid 6473] <... openat resumed>) = 4 [pid 6472] <... ioctl resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6473] ioctl(4, LOOP_SET_FD, 3 [pid 6472] close(3 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./272/file0") = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./272" [pid 6472] <... close resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] mkdir("./273", 0777 [pid 6472] close(4) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6474 [pid 6472] mkdir("./file0", 0777./strace-static-x86_64: Process 6474 attached [pid 6474] set_robust_list(0x555556d3f660, 24) = 0 [pid 6474] chdir("./276" [pid 6473] <... ioctl resumed>) = 0 [pid 6472] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6472] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5080] <... openat resumed>) = 3 [pid 6474] <... chdir resumed>) = 0 [pid 6473] close(3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6474] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6473] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./274/file0", [pid 6474] <... prctl resumed>) = 0 [pid 6473] close(4 [pid 6474] setpgid(0, 0 [pid 6473] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6474] <... setpgid resumed>) = 0 [pid 6473] mkdir("./file0", 0777 [pid 5079] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6473] <... mkdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 276.034227][ T6472] loop0: detected capacity change from 0 to 4096 [ 276.052682][ T6473] loop2: detected capacity change from 0 to 4096 [pid 6474] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "./274/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", [pid 6474] write(3, "1000", 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6474] <... write resumed>) = 4 [pid 6473] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6474] close(3 [pid 5079] getdents64(4, [pid 6474] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6474] symlink("/dev/binderfs", "./binderfs" [pid 5079] getdents64(4, [pid 6474] <... symlink resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 6474] memfd_create("syzkaller", 0 [pid 5079] rmdir("./274/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./274" [pid 6474] <... memfd_create resumed>) = 3 [pid 5079] <... rmdir resumed>) = 0 [pid 6474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5079] mkdir("./275", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [ 276.082102][ T6472] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 276.100124][ T6473] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6473] <... mount resumed>) = 0 [pid 6473] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6472] <... mount resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 6473] chdir("./file0" [pid 6472] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6473] <... chdir resumed>) = 0 [pid 6473] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6472] <... openat resumed>) = 3 [pid 6472] chdir("./file0") = 0 [pid 6473] exit_group(0 [pid 6472] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6473] <... exit_group resumed>) = ? [pid 6472] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] close(3 [pid 6472] exit_group(0 [pid 5080] <... close resumed>) = 0 [pid 6474] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6473] +++ exited with 0 +++ [pid 6472] <... exit_group resumed>) = ? [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6472] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6473, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6472, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- ./strace-static-x86_64: Process 6475 attached [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6475 [pid 5079] <... ioctl resumed>) = 0 [pid 6475] set_robust_list(0x555556d3f660, 24 [pid 5078] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", [pid 5076] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6475] <... set_robust_list resumed>) = 0 [pid 5079] close(3 [pid 5078] getdents64(3, [pid 5076] <... openat resumed>) = 3 [pid 6475] chdir("./273" [pid 5079] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] newfstatat(3, "", [pid 6475] <... chdir resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6475] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6476 attached [pid 6475] <... prctl resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6476 [pid 5078] newfstatat(AT_FDCWD, "./277/binderfs", [pid 5076] getdents64(3, [pid 6476] set_robust_list(0x555556d3f660, 24 [pid 6475] setpgid(0, 0 [pid 6476] <... set_robust_list resumed>) = 0 [pid 6475] <... setpgid resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6476] chdir("./275" [pid 6475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] unlink("./277/binderfs" [pid 5076] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6476] <... chdir resumed>) = 0 [pid 6475] <... openat resumed>) = 3 [pid 5078] <... unlink resumed>) = 0 [pid 6476] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6475] write(3, "1000", 4 [pid 5078] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6476] <... prctl resumed>) = 0 [pid 6475] <... write resumed>) = 4 [pid 5076] newfstatat(AT_FDCWD, "./273/binderfs", [pid 6476] setpgid(0, 0 [pid 6475] close(3 [pid 6476] <... setpgid resumed>) = 0 [pid 6475] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] unlink("./273/binderfs" [pid 6475] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... unlink resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./277/file0", [pid 5076] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6475] <... symlink resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6475] memfd_create("syzkaller", 0 [pid 6474] <... write resumed>) = 2097152 [pid 5076] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./277/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6476] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6474] munmap(0x7f3feae00000, 138412032 [pid 6476] write(3, "1000", 4 [pid 5078] newfstatat(4, "", [pid 5076] newfstatat(AT_FDCWD, "./273/file0", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] getdents64(4, [pid 5076] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6476] <... write resumed>) = 4 [pid 6475] <... memfd_create resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6476] close(3 [pid 6475] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6476] <... close resumed>) = 0 [pid 6475] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] getdents64(4, [pid 5076] openat(AT_FDCWD, "./273/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6476] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5078] close(4) = 0 [pid 5076] newfstatat(4, "", [pid 5078] rmdir("./277/file0" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6476] <... symlink resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(3, [pid 5076] close(4 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 5078] close(3 [pid 5076] rmdir("./273/file0" [pid 5078] <... close resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5078] rmdir("./277") = 0 [pid 5076] getdents64(3, [pid 5078] mkdir("./278", 0777 [pid 6476] memfd_create("syzkaller", 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6476] <... memfd_create resumed>) = 3 [pid 6474] <... munmap resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6474] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] close(3 [pid 6476] <... mmap resumed>) = 0x7f3feae00000 [pid 6474] <... openat resumed>) = 4 [pid 6474] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] rmdir("./273") = 0 [pid 5076] mkdir("./274", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6474] <... ioctl resumed>) = 0 [pid 6475] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6476] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6474] close(3) = 0 [pid 6474] close(4) = 0 [ 276.326279][ T6474] loop1: detected capacity change from 0 to 4096 [pid 6474] mkdir("./file0", 0777) = 0 [pid 6474] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5078] <... ioctl resumed>) = 0 [pid 6476] <... write resumed>) = 2097152 [pid 5076] <... ioctl resumed>) = 0 [pid 6476] munmap(0x7f3feae00000, 138412032 [pid 6475] <... write resumed>) = 2097152 [pid 5078] close(3 [pid 5076] close(3 [pid 5078] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 276.390972][ T6474] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6475] munmap(0x7f3feae00000, 138412032) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6478 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6477 ./strace-static-x86_64: Process 6477 attached [pid 6477] set_robust_list(0x555556d3f660, 24 [pid 6476] <... munmap resumed>) = 0 [pid 6477] <... set_robust_list resumed>) = 0 [pid 6477] chdir("./278" [pid 6476] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6477] <... chdir resumed>) = 0 [pid 6476] <... openat resumed>) = 4 [pid 6475] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6477] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6476] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6478 attached [pid 6477] <... prctl resumed>) = 0 [pid 6475] <... openat resumed>) = 4 [pid 6474] <... mount resumed>) = 0 [pid 6478] set_robust_list(0x555556d3f660, 24 [pid 6474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6477] setpgid(0, 0) = 0 [pid 6475] ioctl(4, LOOP_SET_FD, 3 [pid 6478] <... set_robust_list resumed>) = 0 [pid 6474] chdir("./file0") = 0 [pid 6477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6478] chdir("./274" [pid 6476] <... ioctl resumed>) = 0 [pid 6475] <... ioctl resumed>) = 0 [pid 6477] <... openat resumed>) = 3 [pid 6478] <... chdir resumed>) = 0 [pid 6476] close(3 [pid 6474] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6477] write(3, "1000", 4 [pid 6476] <... close resumed>) = 0 [pid 6477] <... write resumed>) = 4 [pid 6476] close(4 [pid 6477] close(3 [pid 6476] <... close resumed>) = 0 [pid 6474] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6477] <... close resumed>) = 0 [pid 6478] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6476] mkdir("./file0", 0777 [pid 6474] exit_group(0 [pid 6477] symlink("/dev/binderfs", "./binderfs" [pid 6478] <... prctl resumed>) = 0 [pid 6476] <... mkdir resumed>) = 0 [pid 6475] close(3 [pid 6477] <... symlink resumed>) = 0 [pid 6478] setpgid(0, 0 [ 276.467457][ T6476] loop3: detected capacity change from 0 to 4096 [ 276.478551][ T6475] loop4: detected capacity change from 0 to 4096 [pid 6476] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6475] <... close resumed>) = 0 [pid 6474] <... exit_group resumed>) = ? [pid 6477] memfd_create("syzkaller", 0 [pid 6478] <... setpgid resumed>) = 0 [pid 6478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6475] close(4 [pid 6474] +++ exited with 0 +++ [pid 6475] <... close resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6474, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 6477] <... memfd_create resumed>) = 3 [pid 6477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6478] <... openat resumed>) = 3 [pid 6475] mkdir("./file0", 0777 [pid 5077] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6475] <... mkdir resumed>) = 0 [pid 6478] write(3, "1000", 4 [pid 6475] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./276/binderfs") = 0 [pid 5077] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6478] <... write resumed>) = 4 [pid 5077] <... umount2 resumed>) = 0 [pid 6478] close(3) = 0 [pid 6478] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6478] memfd_create("syzkaller", 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./276/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./276/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", [pid 6478] <... memfd_create resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] getdents64(4, [pid 6478] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./276/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [ 276.510152][ T6476] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 276.534197][ T6475] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5077] rmdir("./276") = 0 [pid 5077] mkdir("./277", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6475] <... mount resumed>) = 0 [pid 6475] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6477] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6475] <... openat resumed>) = 3 [pid 6475] chdir("./file0") = 0 [pid 6475] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6475] exit_group(0) = ? [pid 6476] <... mount resumed>) = 0 [pid 6476] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6476] chdir("./file0") = 0 [pid 6476] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6476] exit_group(0 [pid 6475] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6475, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6476] <... exit_group resumed>) = ? [pid 6478] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] umount2("./273", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", [pid 6477] <... write resumed>) = 2097152 [pid 6476] +++ exited with 0 +++ [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5080] getdents64(3, [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6476, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5079] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... openat resumed>) = 3 [pid 5079] newfstatat(3, "", [pid 5077] close(3 [pid 5080] umount2("./273/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] newfstatat(AT_FDCWD, "./273/binderfs", [pid 5079] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 6477] munmap(0x7f3feae00000, 138412032 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6477] <... munmap resumed>) = 0 [pid 5080] unlink("./273/binderfs" [pid 5079] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./275/binderfs" [pid 5080] <... unlink resumed>) = 0 [pid 5080] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6477] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 6479 attached [pid 6478] <... write resumed>) = 2097152 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 6479] set_robust_list(0x555556d3f660, 24) = 0 [pid 6477] <... openat resumed>) = 4 [pid 6478] munmap(0x7f3feae00000, 138412032 [pid 5080] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6479 [pid 6477] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6479] chdir("./277") = 0 [pid 6478] <... munmap resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./273/file0", [pid 5079] newfstatat(AT_FDCWD, "./275/file0", [pid 6479] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6477] <... ioctl resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6478] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6479] setpgid(0, 0 [pid 6477] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6479] <... setpgid resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6479] write(3, "1000", 4) = 4 [pid 6479] close(3) = 0 [pid 6479] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6479] memfd_create("syzkaller", 0 [pid 6477] <... close resumed>) = 0 [pid 6478] <... openat resumed>) = 4 [pid 5080] umount2("./273/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./275/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6477] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6479] <... memfd_create resumed>) = 3 [pid 6477] <... close resumed>) = 0 [pid 6478] ioctl(4, LOOP_SET_FD, 3 [pid 5080] openat(AT_FDCWD, "./273/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... openat resumed>) = 4 [pid 6479] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6477] mkdir("./file0", 0777 [pid 6478] <... ioctl resumed>) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", [pid 6479] <... mmap resumed>) = 0x7f3feae00000 [pid 6477] <... mkdir resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6477] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6478] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6478] <... close resumed>) = 0 [ 276.730498][ T6477] loop2: detected capacity change from 0 to 4096 [ 276.761945][ T6478] loop0: detected capacity change from 0 to 4096 [pid 6478] close(4 [pid 5080] getdents64(4, [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6478] <... close resumed>) = 0 [pid 6478] mkdir("./file0", 0777) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 5079] getdents64(4, [pid 6478] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5079] close(4 [pid 5080] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6479] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] rmdir("./273/file0") = 0 [pid 5079] rmdir("./275/file0" [pid 5080] getdents64(3, [pid 5079] <... rmdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(3, [pid 5080] close(3 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] close(3) = 0 [pid 5080] rmdir("./273" [pid 5079] rmdir("./275" [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5080] mkdir("./274", 0777 [pid 5079] mkdir("./276", 0777 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [ 276.786511][ T6477] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 276.809765][ T6478] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6477] <... mount resumed>) = 0 [pid 6477] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6477] chdir("./file0") = 0 [pid 6477] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6479] <... write resumed>) = 2097152 [pid 6479] munmap(0x7f3feae00000, 138412032 [pid 6477] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6477] exit_group(0 [pid 5080] <... ioctl resumed>) = 0 [pid 6477] <... exit_group resumed>) = ? [pid 5080] close(3 [pid 6478] <... mount resumed>) = 0 [pid 6479] <... munmap resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6479] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6478] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6479] <... openat resumed>) = 4 [pid 6477] +++ exited with 0 +++ [pid 6478] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6480 attached [pid 6478] chdir("./file0" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6480 [pid 6478] <... chdir resumed>) = 0 [pid 6478] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6480] set_robust_list(0x555556d3f660, 24 [pid 6479] ioctl(4, LOOP_SET_FD, 3 [pid 6478] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6480] <... set_robust_list resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6477, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5079] <... ioctl resumed>) = 0 [pid 6478] exit_group(0 [pid 6480] chdir("./274" [pid 5078] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6480] <... chdir resumed>) = 0 [pid 6478] <... exit_group resumed>) = ? [pid 5079] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6480] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... close resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... openat resumed>) = 3 [pid 6479] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6481 attached [pid 6480] <... prctl resumed>) = 0 [pid 6478] +++ exited with 0 +++ [pid 5078] newfstatat(3, "", [pid 6480] setpgid(0, 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6481 [pid 6481] set_robust_list(0x555556d3f660, 24 [pid 6480] <... setpgid resumed>) = 0 [pid 6479] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6478, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 6481] <... set_robust_list resumed>) = 0 [pid 6479] <... close resumed>) = 0 [pid 6481] chdir("./276" [pid 6480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6479] close(4 [pid 5078] getdents64(3, [pid 6481] <... chdir resumed>) = 0 [pid 5076] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6481] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6481] <... prctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", [pid 6481] setpgid(0, 0 [pid 6479] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./274/binderfs", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6480] <... openat resumed>) = 3 [pid 5078] newfstatat(AT_FDCWD, "./278/binderfs", [pid 5076] unlink("./274/binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5078] unlink("./278/binderfs") = 0 [pid 6481] <... setpgid resumed>) = 0 [pid 6480] write(3, "1000", 4 [pid 5078] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6481] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6480] <... write resumed>) = 4 [pid 6479] mkdir("./file0", 0777 [pid 6480] close(3 [pid 6481] <... openat resumed>) = 3 [pid 6480] <... close resumed>) = 0 [pid 6480] symlink("/dev/binderfs", "./binderfs" [pid 6481] write(3, "1000", 4 [pid 6480] <... symlink resumed>) = 0 [pid 6479] <... mkdir resumed>) = 0 [ 276.933074][ T6479] loop1: detected capacity change from 0 to 4096 [pid 6481] <... write resumed>) = 4 [pid 6479] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6481] close(3) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6480] memfd_create("syzkaller", 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6480] <... memfd_create resumed>) = 3 [pid 5076] newfstatat(AT_FDCWD, "./274/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6481] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./274/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 6481] memfd_create("syzkaller", 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 5078] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(4 [pid 5078] newfstatat(AT_FDCWD, "./278/file0", [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./274/file0" [pid 6481] <... memfd_create resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6481] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(3, [pid 5078] openat(AT_FDCWD, "./278/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5076] close(3 [pid 5078] newfstatat(4, "", [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./274" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./278/file0") = 0 [pid 5078] getdents64(3, [pid 5076] mkdir("./275", 0777) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./278") = 0 [ 276.990729][ T6479] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] mkdir("./279", 0777) = 0 [pid 6480] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6479] <... mount resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6479] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... openat resumed>) = 3 [pid 6479] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6479] chdir("./file0") = 0 [pid 6479] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6479] exit_group(0) = ? [pid 6479] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6479, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5077] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6481] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./277/binderfs") = 0 [pid 5077] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5077] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./277/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./277/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6480] <... write resumed>) = 2097152 [pid 5077] getdents64(4, [pid 6480] munmap(0x7f3feae00000, 138412032 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6480] <... munmap resumed>) = 0 [pid 5077] close(4) = 0 [pid 6480] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5077] rmdir("./277/file0" [pid 6480] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5077] getdents64(3, [pid 6480] close(3 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6480] <... close resumed>) = 0 [pid 6480] close(4 [pid 5077] close(3) = 0 [pid 5077] rmdir("./277" [pid 6480] <... close resumed>) = 0 [pid 6480] mkdir("./file0", 0777 [pid 5077] <... rmdir resumed>) = 0 [pid 6480] <... mkdir resumed>) = 0 [pid 5077] mkdir("./278", 0777 [pid 5076] close(3 [pid 6480] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5076] <... close resumed>) = 0 [pid 6481] <... write resumed>) = 2097152 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6481] munmap(0x7f3feae00000, 138412032./strace-static-x86_64: Process 6482 attached [pid 6482] set_robust_list(0x555556d3f660, 24 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6482 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6482] <... set_robust_list resumed>) = 0 [pid 6482] chdir("./275") = 0 [pid 6482] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6482] setpgid(0, 0 [pid 5078] close(3 [pid 6482] <... setpgid resumed>) = 0 [pid 6482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6481] <... munmap resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6482] <... openat resumed>) = 3 [pid 6482] write(3, "1000", 4) = 4 [pid 6482] close(3) = 0 [pid 6482] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 6483 attached [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6483 [pid 6483] set_robust_list(0x555556d3f660, 24 [pid 6482] memfd_create("syzkaller", 0 [pid 6481] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6483] <... set_robust_list resumed>) = 0 [pid 6483] chdir("./279" [pid 6481] <... openat resumed>) = 4 [pid 6483] <... chdir resumed>) = 0 [pid 6481] ioctl(4, LOOP_SET_FD, 3 [ 277.131694][ T6480] loop4: detected capacity change from 0 to 4096 [ 277.157919][ T6480] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6483] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6482] <... memfd_create resumed>) = 3 [pid 6482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6483] setpgid(0, 0 [pid 6482] <... mmap resumed>) = 0x7f3feae00000 [pid 6483] <... setpgid resumed>) = 0 [pid 6481] <... ioctl resumed>) = 0 [pid 6483] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6481] close(3) = 0 [pid 6481] close(4) = 0 [pid 6481] mkdir("./file0", 0777) = 0 [pid 6480] <... mount resumed>) = 0 [pid 6480] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6483] write(3, "1000", 4 [pid 6481] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6480] <... openat resumed>) = 3 [pid 6480] chdir("./file0") = 0 [pid 6480] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [ 277.206095][ T6481] loop3: detected capacity change from 0 to 4096 [pid 6480] exit_group(0) = ? [pid 6480] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6480, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6483] <... write resumed>) = 4 [pid 6483] close(3 [pid 5080] umount2("./274", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6483] <... close resumed>) = 0 [pid 6483] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6483] <... symlink resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5077] <... ioctl resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 6483] memfd_create("syzkaller", 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./274/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./274/binderfs", [pid 6483] <... memfd_create resumed>) = 3 [pid 6483] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6483] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] unlink("./274/binderfs" [pid 5077] close(3 [pid 5080] <... unlink resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5080] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 277.264329][ T6481] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6484 ./strace-static-x86_64: Process 6484 attached [pid 5080] <... umount2 resumed>) = 0 [pid 6484] set_robust_list(0x555556d3f660, 24 [pid 5080] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6482] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6484] <... set_robust_list resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./274/file0", [pid 6484] chdir("./278" [pid 6481] <... mount resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6484] <... chdir resumed>) = 0 [pid 5080] umount2("./274/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6484] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6484] <... prctl resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./274/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6484] setpgid(0, 0) = 0 [pid 6481] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... openat resumed>) = 4 [pid 6484] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6481] <... openat resumed>) = 3 [pid 5080] newfstatat(4, "", [pid 6484] <... openat resumed>) = 3 [pid 6481] chdir("./file0" [pid 6484] write(3, "1000", 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6484] <... write resumed>) = 4 [pid 6484] close(3 [pid 5080] getdents64(4, [pid 6484] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6484] symlink("/dev/binderfs", "./binderfs" [pid 5080] getdents64(4, [pid 6481] <... chdir resumed>) = 0 [pid 6481] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6484] <... symlink resumed>) = 0 [pid 6481] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 6481] exit_group(0 [pid 5080] rmdir("./274/file0" [pid 6481] <... exit_group resumed>) = ? [pid 5080] <... rmdir resumed>) = 0 [pid 6484] memfd_create("syzkaller", 0 [pid 6481] +++ exited with 0 +++ [pid 5080] getdents64(3, [pid 6484] <... memfd_create resumed>) = 3 [pid 6483] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6484] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] close(3 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6481, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 6484] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] rmdir("./274" [pid 5079] <... openat resumed>) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 6482] <... write resumed>) = 2097152 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6482] munmap(0x7f3feae00000, 138412032 [pid 5080] mkdir("./275", 0777 [pid 5079] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./276/binderfs") = 0 [pid 5079] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./276/file0", [pid 6483] <... write resumed>) = 2097152 [pid 6482] <... munmap resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6483] munmap(0x7f3feae00000, 138412032 [pid 6482] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./276/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", [pid 6482] <... openat resumed>) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6482] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6483] <... munmap resumed>) = 0 [pid 6484] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6482] <... ioctl resumed>) = 0 [pid 5079] getdents64(4, [pid 6482] close(3 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 6482] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6483] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6482] close(4 [pid 5079] rmdir("./276/file0" [pid 6483] <... openat resumed>) = 4 [pid 6482] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6483] ioctl(4, LOOP_SET_FD, 3 [pid 5079] getdents64(3, [pid 6482] mkdir("./file0", 0777) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [ 277.441509][ T6482] loop0: detected capacity change from 0 to 4096 [ 277.480844][ T6483] loop2: detected capacity change from 0 to 4096 [pid 5079] close(3 [pid 6482] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./276") = 0 [pid 5079] mkdir("./277", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6483] <... ioctl resumed>) = 0 [pid 6483] close(3 [pid 5080] <... ioctl resumed>) = 0 [pid 6483] <... close resumed>) = 0 [pid 6483] close(4 [pid 5080] close(3 [pid 6483] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 6484] <... write resumed>) = 2097152 [pid 6484] munmap(0x7f3feae00000, 138412032 [pid 6483] mkdir("./file0", 0777 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6484] <... munmap resumed>) = 0 [pid 6483] <... mkdir resumed>) = 0 [ 277.494302][ T6482] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6483] mount("/dev/loop2", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 6485 attached [pid 6484] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6485 [pid 6485] set_robust_list(0x555556d3f660, 24) = 0 [pid 6484] <... openat resumed>) = 4 [pid 6485] chdir("./275" [pid 6484] ioctl(4, LOOP_SET_FD, 3 [pid 6485] <... chdir resumed>) = 0 [pid 6485] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... ioctl resumed>) = 0 [pid 6485] <... prctl resumed>) = 0 [pid 6485] setpgid(0, 0 [pid 5079] close(3 [pid 6485] <... setpgid resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6485] write(3, "1000", 4) = 4 [pid 6485] close(3./strace-static-x86_64: Process 6486 attached ) = 0 [pid 6484] <... ioctl resumed>) = 0 [pid 6482] <... mount resumed>) = 0 [pid 6486] set_robust_list(0x555556d3f660, 24 [pid 6485] symlink("/dev/binderfs", "./binderfs" [pid 6484] close(3 [pid 6482] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6486 [pid 6486] <... set_robust_list resumed>) = 0 [pid 6482] <... openat resumed>) = 3 [pid 6485] <... symlink resumed>) = 0 [pid 6484] <... close resumed>) = 0 [pid 6486] chdir("./277" [pid 6482] chdir("./file0" [pid 6486] <... chdir resumed>) = 0 [pid 6482] <... chdir resumed>) = 0 [pid 6485] memfd_create("syzkaller", 0 [pid 6484] close(4 [pid 6486] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6484] <... close resumed>) = 0 [pid 6482] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6486] <... prctl resumed>) = 0 [pid 6482] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6486] setpgid(0, 0 [pid 6482] exit_group(0 [pid 6486] <... setpgid resumed>) = 0 [pid 6486] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6482] <... exit_group resumed>) = ? [pid 6486] <... openat resumed>) = 3 [pid 6485] <... memfd_create resumed>) = 3 [ 277.554310][ T6483] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 277.566186][ T6484] loop1: detected capacity change from 0 to 4096 [pid 6484] mkdir("./file0", 0777 [pid 6486] write(3, "1000", 4 [pid 6485] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6484] <... mkdir resumed>) = 0 [pid 6482] +++ exited with 0 +++ [pid 6486] <... write resumed>) = 4 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6482, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 6486] close(3) = 0 [pid 6486] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6485] <... mmap resumed>) = 0x7f3feae00000 [pid 6486] memfd_create("syzkaller", 0 [pid 5076] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6484] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5076] unlink("./275/binderfs" [pid 6486] <... memfd_create resumed>) = 3 [pid 5076] <... unlink resumed>) = 0 [pid 6486] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6483] <... mount resumed>) = 0 [pid 5076] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6483] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./275/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6483] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./275/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./275/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./275" [pid 6483] chdir("./file0" [pid 5076] <... rmdir resumed>) = 0 [pid 6483] <... chdir resumed>) = 0 [pid 5076] mkdir("./276", 0777 [pid 6483] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5076] <... mkdir resumed>) = 0 [pid 6483] exit_group(0) = ? [pid 6483] +++ exited with 0 +++ [ 277.639246][ T6484] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6483, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./279/binderfs") = 0 [pid 5078] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6485] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./279/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./279/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, [pid 6486] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./279/file0" [pid 6484] <... mount resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6484] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./279") = 0 [pid 5078] mkdir("./280", 0777) = 0 [pid 6484] chdir("./file0") = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6484] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5076] <... ioctl resumed>) = 0 [pid 6484] exit_group(0) = ? [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6484] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6484, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6487 [pid 5077] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6487 attached ) = -1 EINVAL (Invalid argument) [pid 6487] set_robust_list(0x555556d3f660, 24 [pid 5077] newfstatat(AT_FDCWD, "./278/binderfs", [pid 6487] <... set_robust_list resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6487] chdir("./276") = 0 [pid 5077] unlink("./278/binderfs" [pid 6487] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... unlink resumed>) = 0 [pid 6487] <... prctl resumed>) = 0 [pid 5077] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6487] setpgid(0, 0) = 0 [pid 6487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6485] <... write resumed>) = 2097152 [pid 5077] <... umount2 resumed>) = 0 [pid 6485] munmap(0x7f3feae00000, 138412032 [pid 6487] <... openat resumed>) = 3 [pid 5077] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6487] write(3, "1000", 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6487] <... write resumed>) = 4 [pid 5077] newfstatat(AT_FDCWD, "./278/file0", [pid 6487] close(3) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6487] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6487] memfd_create("syzkaller", 0 [pid 6485] <... munmap resumed>) = 0 [pid 6487] <... memfd_create resumed>) = 3 [pid 5077] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./278/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6487] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... openat resumed>) = 4 [pid 6487] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] newfstatat(4, "", [pid 6485] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6486] <... write resumed>) = 2097152 [pid 6485] <... openat resumed>) = 4 [pid 5077] getdents64(4, [pid 6485] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./278/file0") = 0 [pid 6486] munmap(0x7f3feae00000, 138412032 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6485] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./278") = 0 [pid 5077] mkdir("./279", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6485] close(3 [pid 6486] <... munmap resumed>) = 0 [pid 6485] <... close resumed>) = 0 [pid 6486] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6485] close(4 [pid 6486] <... openat resumed>) = 4 [pid 6485] <... close resumed>) = 0 [pid 6486] ioctl(4, LOOP_SET_FD, 3 [ 277.832394][ T6485] loop4: detected capacity change from 0 to 4096 [ 277.866701][ T6486] loop3: detected capacity change from 0 to 4096 [pid 6485] mkdir("./file0", 0777) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6485] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6486] <... ioctl resumed>) = 0 [pid 6486] close(3) = 0 [pid 6486] close(4) = 0 [pid 6486] mkdir("./file0", 0777 [pid 5078] close(3) = 0 [pid 6486] <... mkdir resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6486] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6488 ./strace-static-x86_64: Process 6488 attached [pid 6488] set_robust_list(0x555556d3f660, 24) = 0 [pid 6488] chdir("./280" [pid 6487] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6488] <... chdir resumed>) = 0 [pid 6488] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6489 [pid 6488] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 6489 attached [pid 6488] setpgid(0, 0) = 0 [pid 6488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6488] write(3, "1000", 4) = 4 [pid 6489] set_robust_list(0x555556d3f660, 24 [ 277.884787][ T6485] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 277.906347][ T6486] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6488] close(3 [pid 6489] <... set_robust_list resumed>) = 0 [pid 6488] <... close resumed>) = 0 [pid 6489] chdir("./279" [pid 6488] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6489] <... chdir resumed>) = 0 [pid 6489] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6488] memfd_create("syzkaller", 0 [pid 6487] <... write resumed>) = 2097152 [pid 6489] setpgid(0, 0 [pid 6488] <... memfd_create resumed>) = 3 [pid 6487] munmap(0x7f3feae00000, 138412032 [pid 6489] <... setpgid resumed>) = 0 [pid 6489] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6488] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6487] <... munmap resumed>) = 0 [pid 6489] write(3, "1000", 4 [pid 6488] <... mmap resumed>) = 0x7f3feae00000 [pid 6489] <... write resumed>) = 4 [pid 6489] close(3 [pid 6487] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6487] ioctl(4, LOOP_SET_FD, 3 [pid 6489] <... close resumed>) = 0 [pid 6487] <... ioctl resumed>) = 0 [pid 6489] symlink("/dev/binderfs", "./binderfs" [pid 6486] <... mount resumed>) = 0 [pid 6485] <... mount resumed>) = 0 [pid 6489] <... symlink resumed>) = 0 [pid 6486] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6485] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6487] close(3 [pid 6489] memfd_create("syzkaller", 0 [pid 6486] <... openat resumed>) = 3 [pid 6485] <... openat resumed>) = 3 [pid 6486] chdir("./file0" [pid 6485] chdir("./file0") = 0 [pid 6487] <... close resumed>) = 0 [pid 6485] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6487] close(4) = 0 [pid 6485] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 277.984849][ T6487] loop0: detected capacity change from 0 to 4096 [pid 6489] <... memfd_create resumed>) = 3 [pid 6488] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6486] <... chdir resumed>) = 0 [pid 6485] exit_group(0 [pid 6489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6486] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6485] <... exit_group resumed>) = ? [pid 6489] <... mmap resumed>) = 0x7f3feae00000 [pid 6487] mkdir("./file0", 0777 [pid 6486] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6485] +++ exited with 0 +++ [pid 6487] <... mkdir resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6485, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 6487] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6486] exit_group(0) = ? [pid 6486] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6486, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=10 /* 0.10 s */} --- [pid 5080] umount2("./275", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] newfstatat(3, "", [pid 5079] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] newfstatat(3, "", [pid 5080] getdents64(3, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] getdents64(3, [pid 5080] umount2("./275/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./275/binderfs", [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./275/binderfs") = 0 [pid 5080] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] unlink("./277/binderfs" [pid 5080] newfstatat(AT_FDCWD, "./275/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5080] umount2("./275/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 278.053621][ T6487] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./275/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", [pid 6488] <... write resumed>) = 2097152 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./277/file0", [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] close(4 [pid 5079] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6488] munmap(0x7f3feae00000, 138412032 [pid 6489] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6487] <... mount resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6487] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "./277/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6488] <... munmap resumed>) = 0 [pid 6487] <... openat resumed>) = 3 [pid 5080] rmdir("./275/file0" [pid 6487] chdir("./file0" [pid 5079] <... openat resumed>) = 4 [pid 6487] <... chdir resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6487] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] getdents64(3, [pid 5079] newfstatat(4, "", [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] close(3 [pid 6488] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6487] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... close resumed>) = 0 [pid 5079] getdents64(4, [pid 6488] <... openat resumed>) = 4 [pid 6487] exit_group(0 [pid 5080] rmdir("./275" [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6488] ioctl(4, LOOP_SET_FD, 3 [pid 6487] <... exit_group resumed>) = ? [pid 5080] <... rmdir resumed>) = 0 [pid 5079] getdents64(4, [pid 6489] <... write resumed>) = 2097152 [pid 6487] +++ exited with 0 +++ [pid 5080] mkdir("./276", 0777 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6489] munmap(0x7f3feae00000, 138412032 [pid 6488] <... ioctl resumed>) = 0 [pid 5079] close(4 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6487, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6488] close(3 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6488] <... close resumed>) = 0 [pid 6488] close(4 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] rmdir("./277/file0" [pid 6489] <... munmap resumed>) = 0 [pid 6488] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6489] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6488] mkdir("./file0", 0777 [pid 5080] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6489] <... openat resumed>) = 4 [pid 6488] <... mkdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6489] ioctl(4, LOOP_SET_FD, 3 [pid 6488] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./276/binderfs") = 0 [pid 5076] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 6489] <... ioctl resumed>) = 0 [pid 5079] rmdir("./277" [pid 6489] close(3) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 6489] close(4 [pid 5076] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6489] <... close resumed>) = 0 [pid 5079] mkdir("./278", 0777 [pid 5076] newfstatat(AT_FDCWD, "./276/file0", [pid 6488] <... mount resumed>) = 0 [pid 6489] mkdir("./file0", 0777 [pid 6488] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6489] <... mkdir resumed>) = 0 [pid 6489] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6488] <... openat resumed>) = 3 [pid 5076] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6488] chdir("./file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./276/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6488] <... chdir resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6488] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5076] <... openat resumed>) = 4 [ 278.170310][ T6488] loop2: detected capacity change from 0 to 4096 [ 278.188553][ T6488] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 278.199092][ T6489] loop1: detected capacity change from 0 to 4096 [pid 6488] exit_group(0 [pid 5076] newfstatat(4, "", [pid 6488] <... exit_group resumed>) = ? [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6488] +++ exited with 0 +++ [pid 5076] getdents64(4, [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6488, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 5078] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(4 [pid 5078] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./276/file0" [pid 5078] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", [pid 5076] <... rmdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5078] getdents64(3, [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [ 278.237025][ T6489] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] close(3 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 6489] <... mount resumed>) = 0 [pid 5080] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./276" [pid 6489] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... close resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] close(3 [pid 5078] unlink("./280/binderfs" [pid 5076] <... rmdir resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] mkdir("./277", 0777 [pid 6489] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6491 attached [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6491 [pid 6491] set_robust_list(0x555556d3f660, 24) = 0 [pid 6491] chdir("./278" [pid 6489] chdir("./file0" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6490 [pid 5078] <... umount2 resumed>) = 0 [pid 6491] <... chdir resumed>) = 0 [pid 6489] <... chdir resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6490 attached [pid 6489] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6491] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6489] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6491] <... prctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6490] set_robust_list(0x555556d3f660, 24 [pid 6491] setpgid(0, 0 [pid 6489] exit_group(0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6490] <... set_robust_list resumed>) = 0 [pid 6491] <... setpgid resumed>) = 0 [pid 6489] <... exit_group resumed>) = ? [pid 5078] newfstatat(AT_FDCWD, "./280/file0", [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6491] <... openat resumed>) = 3 [pid 5078] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6490] chdir("./276" [pid 6491] write(3, "1000", 4 [pid 6489] +++ exited with 0 +++ [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6490] <... chdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./280/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6489, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 6490] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] <... openat resumed>) = 4 [pid 6490] setpgid(0, 0 [pid 6491] <... write resumed>) = 4 [pid 5078] newfstatat(4, "", [pid 5077] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6490] <... setpgid resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 6490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6491] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6491] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6490] <... openat resumed>) = 3 [pid 6491] symlink("/dev/binderfs", "./binderfs" [pid 5078] getdents64(4, [pid 5077] <... openat resumed>) = 3 [pid 6490] write(3, "1000", 4 [pid 6491] <... symlink resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 6490] <... write resumed>) = 4 [pid 6491] memfd_create("syzkaller", 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6490] close(3 [pid 5077] getdents64(3, [pid 6490] <... close resumed>) = 0 [pid 5078] close(4 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6490] symlink("/dev/binderfs", "./binderfs" [pid 6491] <... memfd_create resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5077] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6490] <... symlink resumed>) = 0 [pid 5078] rmdir("./280/file0" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6491] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./279/binderfs", [pid 6491] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5077] unlink("./279/binderfs") = 0 [pid 5077] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6490] memfd_create("syzkaller", 0 [pid 5078] getdents64(3, [pid 5077] <... umount2 resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 6490] <... memfd_create resumed>) = 3 [pid 5078] rmdir("./280" [pid 6490] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6490] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./279/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./279/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [pid 5078] mkdir("./281", 0777 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 5078] <... mkdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./279/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./279") = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] close(3 [pid 5077] mkdir("./280", 0777 [pid 5078] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] <... mkdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 6492 attached [pid 6492] set_robust_list(0x555556d3f660, 24 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6492 [pid 6492] <... set_robust_list resumed>) = 0 [pid 6492] chdir("./277" [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6492] <... chdir resumed>) = 0 [pid 6492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6492] setpgid(0, 0) = 0 [pid 6492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6490] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6491] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6492] write(3, "1000", 4) = 4 [pid 6492] close(3) = 0 [pid 6492] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6492] memfd_create("syzkaller", 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6492] <... memfd_create resumed>) = 3 [pid 5077] <... ioctl resumed>) = 0 [pid 6492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6491] <... write resumed>) = 2097152 [pid 5078] close(3 [pid 6492] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] close(3 [pid 5078] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6491] munmap(0x7f3feae00000, 138412032 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6491] <... munmap resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6494 attached ./strace-static-x86_64: Process 6493 attached [pid 6494] set_robust_list(0x555556d3f660, 24 [pid 6493] set_robust_list(0x555556d3f660, 24 [pid 6490] <... write resumed>) = 2097152 [pid 6491] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6493 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6494 [pid 6494] <... set_robust_list resumed>) = 0 [pid 6493] <... set_robust_list resumed>) = 0 [pid 6494] chdir("./280" [pid 6493] chdir("./281" [pid 6494] <... chdir resumed>) = 0 [pid 6494] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6493] <... chdir resumed>) = 0 [pid 6494] setpgid(0, 0 [pid 6493] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6490] munmap(0x7f3feae00000, 138412032 [pid 6491] <... openat resumed>) = 4 [pid 6494] <... setpgid resumed>) = 0 [pid 6493] <... prctl resumed>) = 0 [pid 6490] <... munmap resumed>) = 0 [pid 6491] ioctl(4, LOOP_SET_FD, 3 [pid 6493] setpgid(0, 0 [pid 6494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6493] <... setpgid resumed>) = 0 [pid 6494] <... openat resumed>) = 3 [pid 6493] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6492] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6493] <... openat resumed>) = 3 [pid 6490] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6490] ioctl(4, LOOP_SET_FD, 3 [pid 6494] write(3, "1000", 4 [pid 6493] write(3, "1000", 4 [pid 6494] <... write resumed>) = 4 [pid 6493] <... write resumed>) = 4 [pid 6494] close(3 [pid 6493] close(3 [pid 6494] <... close resumed>) = 0 [pid 6493] <... close resumed>) = 0 [pid 6494] symlink("/dev/binderfs", "./binderfs" [pid 6493] symlink("/dev/binderfs", "./binderfs" [pid 6494] <... symlink resumed>) = 0 [pid 6491] <... ioctl resumed>) = 0 [pid 6493] <... symlink resumed>) = 0 [pid 6491] close(3) = 0 [pid 6491] close(4) = 0 [pid 6491] mkdir("./file0", 0777 [pid 6493] memfd_create("syzkaller", 0 [pid 6491] <... mkdir resumed>) = 0 [pid 6491] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6494] memfd_create("syzkaller", 0 [pid 6490] <... ioctl resumed>) = 0 [pid 6490] close(3) = 0 [pid 6493] <... memfd_create resumed>) = 3 [pid 6490] close(4) = 0 [pid 6490] mkdir("./file0", 0777 [pid 6493] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6490] <... mkdir resumed>) = 0 [pid 6493] <... mmap resumed>) = 0x7f3feae00000 [pid 6494] <... memfd_create resumed>) = 3 [pid 6490] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [ 278.596814][ T6491] loop3: detected capacity change from 0 to 4096 [ 278.607621][ T6490] loop4: detected capacity change from 0 to 4096 [ 278.625753][ T6491] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6492] <... write resumed>) = 2097152 [ 278.647070][ T6490] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6491] <... mount resumed>) = 0 [pid 6491] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6492] munmap(0x7f3feae00000, 138412032 [pid 6491] <... openat resumed>) = 3 [pid 6493] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6491] chdir("./file0") = 0 [pid 6491] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6492] <... munmap resumed>) = 0 [pid 6491] exit_group(0) = ? [pid 6492] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6491] +++ exited with 0 +++ [pid 6492] <... openat resumed>) = 4 [pid 6492] ioctl(4, LOOP_SET_FD, 3 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6491, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5079] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./278/binderfs", [pid 6494] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./278/binderfs") = 0 [pid 5079] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6492] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 6492] close(3) = 0 [pid 6492] close(4 [pid 5079] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6492] <... close resumed>) = 0 [pid 6492] mkdir("./file0", 0777 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./278/file0", [pid 6492] <... mkdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./278/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 278.748368][ T6492] loop0: detected capacity change from 0 to 4096 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6494] <... write resumed>) = 2097152 [pid 6493] <... write resumed>) = 2097152 [pid 6492] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6490] <... mount resumed>) = 0 [pid 6490] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] getdents64(4, [pid 6490] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6490] chdir("./file0" [pid 5079] close(4 [pid 6490] <... chdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6490] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] rmdir("./278/file0" [pid 6490] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... rmdir resumed>) = 0 [pid 6490] exit_group(0 [pid 5079] getdents64(3, [pid 6490] <... exit_group resumed>) = ? [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6494] munmap(0x7f3feae00000, 138412032 [pid 6493] munmap(0x7f3feae00000, 138412032 [pid 5079] close(3) = 0 [pid 5079] rmdir("./278" [pid 6490] +++ exited with 0 +++ [pid 5079] <... rmdir resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6490, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] mkdir("./279", 0777 [pid 6493] <... munmap resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 6494] <... munmap resumed>) = 0 [pid 6492] <... mount resumed>) = 0 [pid 5080] umount2("./276", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", [pid 6492] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6494] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6493] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6492] <... openat resumed>) = 3 [pid 5080] getdents64(3, [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6494] <... openat resumed>) = 4 [ 278.816795][ T6492] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6493] <... openat resumed>) = 4 [pid 6492] chdir("./file0" [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... openat resumed>) = 3 [pid 6494] ioctl(4, LOOP_SET_FD, 3 [pid 6493] ioctl(4, LOOP_SET_FD, 3 [pid 6492] <... chdir resumed>) = 0 [pid 5080] umount2("./276/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6492] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6492] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6492] exit_group(0 [pid 5080] unlink("./276/binderfs") = 0 [pid 6492] <... exit_group resumed>) = ? [pid 5080] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6492] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6492, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./277/binderfs" [pid 6494] <... ioctl resumed>) = 0 [pid 6493] <... ioctl resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6494] close(3 [pid 6493] close(3 [pid 6494] <... close resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 6494] close(4 [pid 5080] <... umount2 resumed>) = 0 [pid 5076] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6494] <... close resumed>) = 0 [pid 6493] <... close resumed>) = 0 [pid 6494] mkdir("./file0", 0777 [pid 6493] close(4 [pid 6494] <... mkdir resumed>) = 0 [pid 6494] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6493] <... close resumed>) = 0 [pid 5080] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 278.862131][ T6494] loop1: detected capacity change from 0 to 4096 [ 278.869116][ T6493] loop2: detected capacity change from 0 to 4096 [ 278.891704][ T6494] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6493] mkdir("./file0", 0777 [pid 5076] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] newfstatat(AT_FDCWD, "./276/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6493] <... mkdir resumed>) = 0 [pid 5080] umount2("./276/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./276/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./277/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5076] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] newfstatat(4, "", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6493] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] openat(AT_FDCWD, "./277/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] getdents64(4, [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 5076] getdents64(4, [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] <... close resumed>) = 0 [pid 5076] getdents64(4, [pid 5080] rmdir("./276/file0" [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, [pid 5076] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./276" [pid 5076] rmdir("./277/file0" [pid 5080] <... rmdir resumed>) = 0 [ 278.907449][ T6493] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5080] mkdir("./277", 0777 [pid 5076] <... rmdir resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./277") = 0 [pid 5076] mkdir("./278", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6494] <... mount resumed>) = 0 [pid 6494] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6494] chdir("./file0") = 0 [pid 6494] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 6495 attached ) = -1 EBUSY (Device or resource busy) [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6495 [pid 6495] set_robust_list(0x555556d3f660, 24) = 0 [pid 6494] exit_group(0) = ? [pid 6493] <... mount resumed>) = 0 [pid 6495] chdir("./279" [pid 6494] +++ exited with 0 +++ [pid 6493] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6495] <... chdir resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6494, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 6495] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6495] setpgid(0, 0) = 0 [pid 6495] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6495] write(3, "1000", 4 [pid 5077] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 6495] <... write resumed>) = 4 [pid 6493] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6495] close(3 [pid 5077] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6493] chdir("./file0" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./280/binderfs") = 0 [pid 6495] <... close resumed>) = 0 [pid 6495] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6493] <... chdir resumed>) = 0 [pid 6495] memfd_create("syzkaller", 0 [pid 6493] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6495] <... memfd_create resumed>) = 3 [pid 6495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6493] exit_group(0) = ? [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./280/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./280/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./280/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./280") = 0 [pid 5077] mkdir("./281", 0777) = 0 [pid 6493] +++ exited with 0 +++ [pid 5076] <... ioctl resumed>) = 0 [pid 5076] close(3 [pid 5080] close(3 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6493, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5076] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 6496 attached [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6496] set_robust_list(0x555556d3f660, 24) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6496 [pid 6496] chdir("./278" [pid 5078] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6496] <... chdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6496] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6496] <... prctl resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6497 [pid 5078] <... openat resumed>) = 3 [pid 6496] setpgid(0, 0) = 0 [pid 5078] newfstatat(3, "", ./strace-static-x86_64: Process 6497 attached [pid 6496] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6495] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6497] set_robust_list(0x555556d3f660, 24) = 0 [pid 6496] <... openat resumed>) = 3 [pid 5078] getdents64(3, [pid 6497] chdir("./277" [pid 6496] write(3, "1000", 4 [pid 6497] <... chdir resumed>) = 0 [pid 6496] <... write resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6497] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6497] setpgid(0, 0) = 0 [pid 6497] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6497] write(3, "1000", 4) = 4 [pid 6497] close(3) = 0 [pid 5078] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6497] symlink("/dev/binderfs", "./binderfs" [pid 6496] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6497] <... symlink resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./281/binderfs", [pid 6496] <... close resumed>) = 0 [pid 6496] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6496] memfd_create("syzkaller", 0 [pid 5078] unlink("./281/binderfs" [pid 6497] memfd_create("syzkaller", 0 [pid 5078] <... unlink resumed>) = 0 [pid 6496] <... memfd_create resumed>) = 3 [pid 5078] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6497] <... memfd_create resumed>) = 3 [pid 6497] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6496] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6495] <... write resumed>) = 2097152 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6498 [pid 6495] munmap(0x7f3feae00000, 138412032 [pid 5078] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./281/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6498 attached [pid 6498] set_robust_list(0x555556d3f660, 24) = 0 [pid 6498] chdir("./281" [pid 6495] <... munmap resumed>) = 0 [pid 5078] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6498] <... chdir resumed>) = 0 [pid 6495] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6498] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6495] <... openat resumed>) = 4 [pid 5078] openat(AT_FDCWD, "./281/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6498] setpgid(0, 0 [pid 6495] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... openat resumed>) = 4 [pid 6498] <... setpgid resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 6498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6498] write(3, "1000", 4) = 4 [pid 6498] close(3) = 0 [pid 6498] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6495] <... ioctl resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6495] close(3 [pid 5078] getdents64(4, [pid 6495] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6495] close(4 [pid 6498] memfd_create("syzkaller", 0 [pid 6495] <... close resumed>) = 0 [pid 6495] mkdir("./file0", 0777 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 6495] <... mkdir resumed>) = 0 [pid 6495] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5078] <... close resumed>) = 0 [pid 6498] <... memfd_create resumed>) = 3 [pid 5078] rmdir("./281/file0" [pid 6498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6496] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] close(3) = 0 [pid 5078] rmdir("./281") = 0 [pid 5078] mkdir("./282", 0777 [pid 6497] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 279.232312][ T6495] loop3: detected capacity change from 0 to 4096 [ 279.255648][ T6495] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6498] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6496] <... write resumed>) = 2097152 [pid 6496] munmap(0x7f3feae00000, 138412032) = 0 [pid 6496] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6496] ioctl(4, LOOP_SET_FD, 3 [pid 6497] <... write resumed>) = 2097152 [pid 6496] <... ioctl resumed>) = 0 [pid 6495] <... mount resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6496] close(3 [pid 6495] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] close(3) = 0 [pid 6495] <... openat resumed>) = 3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6495] chdir("./file0" [pid 6497] munmap(0x7f3feae00000, 138412032) = 0 [pid 6495] <... chdir resumed>) = 0 [pid 6496] <... close resumed>) = 0 [pid 6495] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6499 [pid 6496] close(4 [pid 6495] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6496] <... close resumed>) = 0 [pid 6496] mkdir("./file0", 0777 [pid 6495] exit_group(0./strace-static-x86_64: Process 6499 attached [pid 6499] set_robust_list(0x555556d3f660, 24) = 0 [pid 6496] <... mkdir resumed>) = 0 [pid 6495] <... exit_group resumed>) = ? [pid 6499] chdir("./282") = 0 [pid 6495] +++ exited with 0 +++ [pid 6499] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6496] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6495, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6499] <... prctl resumed>) = 0 [pid 6499] setpgid(0, 0 [pid 5079] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6497] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6497] <... openat resumed>) = 4 [ 279.382780][ T6496] loop0: detected capacity change from 0 to 4096 [ 279.422108][ T6496] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6497] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... openat resumed>) = 3 [pid 6499] <... setpgid resumed>) = 0 [pid 6499] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6498] <... write resumed>) = 2097152 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6499] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 6499] write(3, "1000", 4 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6499] <... write resumed>) = 4 [pid 6499] close(3 [pid 6497] <... ioctl resumed>) = 0 [pid 5079] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6497] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6497] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./279/binderfs", [pid 6497] close(4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6497] <... close resumed>) = 0 [pid 5079] unlink("./279/binderfs" [pid 6497] mkdir("./file0", 0777 [pid 5079] <... unlink resumed>) = 0 [pid 6497] <... mkdir resumed>) = 0 [pid 5079] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6497] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 279.426488][ T6497] loop4: detected capacity change from 0 to 4096 [pid 5079] <... umount2 resumed>) = 0 [pid 6499] <... close resumed>) = 0 [pid 5079] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6499] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./279/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6498] munmap(0x7f3feae00000, 138412032 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6499] <... symlink resumed>) = 0 [pid 6498] <... munmap resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./279/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6499] memfd_create("syzkaller", 0 [pid 6498] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... openat resumed>) = 4 [pid 6499] <... memfd_create resumed>) = 3 [pid 6498] <... openat resumed>) = 4 [ 279.466861][ T6497] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5079] newfstatat(4, "", [pid 6499] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6498] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6499] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6496] <... mount resumed>) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./279/file0" [pid 6496] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... rmdir resumed>) = 0 [pid 6496] <... openat resumed>) = 3 [pid 6497] <... mount resumed>) = 0 [pid 5079] getdents64(3, [pid 6497] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6496] chdir("./file0" [pid 5079] close(3 [pid 6497] chdir("./file0" [pid 6496] <... chdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6497] <... chdir resumed>) = 0 [pid 5079] rmdir("./279" [pid 6496] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6497] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... rmdir resumed>) = 0 [pid 6497] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6496] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6497] exit_group(0 [pid 5079] mkdir("./280", 0777 [pid 6498] <... ioctl resumed>) = 0 [pid 6497] <... exit_group resumed>) = ? [pid 6496] exit_group(0 [pid 5079] <... mkdir resumed>) = 0 [pid 6498] close(3 [pid 6497] +++ exited with 0 +++ [pid 6498] <... close resumed>) = 0 [pid 6496] <... exit_group resumed>) = ? [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6497, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5080] umount2("./277", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6498] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... openat resumed>) = 3 [pid 6498] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6498] mkdir("./file0", 0777 [pid 5080] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6498] <... mkdir resumed>) = 0 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./277/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6498] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./277/binderfs") = 0 [ 279.523235][ T6498] loop1: detected capacity change from 0 to 4096 [pid 6496] +++ exited with 0 +++ [pid 5080] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6496, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5076] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./277/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./277/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "./277/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(3, "", [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5076] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./277/file0") = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(3, [pid 5076] newfstatat(AT_FDCWD, "./278/binderfs", [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] close(3) = 0 [pid 5076] unlink("./278/binderfs") = 0 [pid 5080] rmdir("./277") = 0 [pid 5076] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6499] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] mkdir("./278", 0777) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./278/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 279.576394][ T6498] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./278/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./278/file0") = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] getdents64(3, [pid 5079] close(3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] close(3) = 0 ./strace-static-x86_64: Process 6500 attached [pid 5076] rmdir("./278" [pid 6500] set_robust_list(0x555556d3f660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6500 [pid 6500] <... set_robust_list resumed>) = 0 [pid 6500] chdir("./280") = 0 [pid 6500] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6500] setpgid(0, 0) = 0 [pid 6500] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6498] <... mount resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6500] <... openat resumed>) = 3 [pid 6500] write(3, "1000", 4) = 4 [pid 6500] close(3) = 0 [pid 6500] symlink("/dev/binderfs", "./binderfs" [pid 6498] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6500] <... symlink resumed>) = 0 [pid 6498] <... openat resumed>) = 3 [pid 6500] memfd_create("syzkaller", 0 [pid 5076] mkdir("./279", 0777 [pid 6498] chdir("./file0" [pid 5076] <... mkdir resumed>) = 0 [pid 6498] <... chdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6498] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6500] <... memfd_create resumed>) = 3 [pid 6498] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... openat resumed>) = 3 [pid 6499] <... write resumed>) = 2097152 [pid 6498] exit_group(0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6500] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6499] munmap(0x7f3feae00000, 138412032 [pid 6498] <... exit_group resumed>) = ? [pid 6499] <... munmap resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 6498] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6498, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5077] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6499] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] close(3 [pid 5077] newfstatat(AT_FDCWD, "./281/binderfs", [pid 5080] <... close resumed>) = 0 [pid 6499] <... openat resumed>) = 4 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6499] ioctl(4, LOOP_SET_FD, 3 [pid 5077] unlink("./281/binderfs") = 0 [pid 5077] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6501 attached [pid 6501] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6501 [pid 6499] <... ioctl resumed>) = 0 [pid 6499] close(3) = 0 [pid 6499] close(4 [pid 6501] <... set_robust_list resumed>) = 0 [pid 6499] <... close resumed>) = 0 [pid 5077] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6501] chdir("./278" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6501] <... chdir resumed>) = 0 [pid 6501] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] newfstatat(AT_FDCWD, "./281/file0", [pid 6501] <... prctl resumed>) = 0 [pid 6499] mkdir("./file0", 0777 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6501] setpgid(0, 0 [pid 5077] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6501] <... setpgid resumed>) = 0 [pid 6499] <... mkdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5077] openat(AT_FDCWD, "./281/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6501] write(3, "1000", 4 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", [pid 6501] <... write resumed>) = 4 [pid 6499] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6501] close(3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6501] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 6501] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6501] <... symlink resumed>) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6501] memfd_create("syzkaller", 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./281/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./281" [pid 6501] <... memfd_create resumed>) = 3 [pid 6501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5077] mkdir("./282", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [ 279.744462][ T6499] loop2: detected capacity change from 0 to 4096 [ 279.777674][ T6499] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6500] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 6502 attached [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6502 [pid 6502] set_robust_list(0x555556d3f660, 24) = 0 [pid 6502] chdir("./279") = 0 [pid 6502] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6502] setpgid(0, 0) = 0 [pid 6502] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6502] write(3, "1000", 4) = 4 [pid 6502] close(3) = 0 [pid 6502] symlink("/dev/binderfs", "./binderfs" [pid 6501] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6502] <... symlink resumed>) = 0 [pid 6502] memfd_create("syzkaller", 0 [pid 6500] <... write resumed>) = 2097152 [pid 6499] <... mount resumed>) = 0 [pid 6499] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6499] chdir("./file0") = 0 [pid 6502] <... memfd_create resumed>) = 3 [pid 6499] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6499] exit_group(0) = ? [pid 6502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6500] munmap(0x7f3feae00000, 138412032 [pid 6499] +++ exited with 0 +++ [pid 6502] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6499, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5078] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6500] <... munmap resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 6501] <... write resumed>) = 2097152 [pid 6500] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] newfstatat(3, "", [pid 5077] <... ioctl resumed>) = 0 [pid 6500] <... openat resumed>) = 4 [pid 6500] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6501] munmap(0x7f3feae00000, 138412032 [pid 5077] close(3 [pid 6501] <... munmap resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6500] <... ioctl resumed>) = 0 [pid 6500] close(3 [pid 5078] unlink("./282/binderfs" [pid 6500] <... close resumed>) = 0 ./strace-static-x86_64: Process 6503 attached [pid 6503] set_robust_list(0x555556d3f660, 24 [pid 6501] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6500] close(4 [pid 5078] <... unlink resumed>) = 0 [pid 6500] <... close resumed>) = 0 [pid 6500] mkdir("./file0", 0777 [pid 5078] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6503] <... set_robust_list resumed>) = 0 [pid 6501] <... openat resumed>) = 4 [pid 6503] chdir("./282" [pid 6501] ioctl(4, LOOP_SET_FD, 3 [pid 6500] <... mkdir resumed>) = 0 [pid 6503] <... chdir resumed>) = 0 [pid 6500] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6503 [pid 6503] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6503] setpgid(0, 0) = 0 [pid 6503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6503] write(3, "1000", 4 [pid 6502] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6503] <... write resumed>) = 4 [pid 6503] close(3) = 0 [pid 6503] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... umount2 resumed>) = 0 [pid 6503] <... symlink resumed>) = 0 [pid 6503] memfd_create("syzkaller", 0 [pid 6501] <... ioctl resumed>) = 0 [pid 5078] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6501] close(3) = 0 [pid 6501] close(4) = 0 [pid 6501] mkdir("./file0", 0777) = 0 [pid 6503] <... memfd_create resumed>) = 3 [pid 6503] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./282/file0", [pid 6501] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 279.961741][ T6500] loop3: detected capacity change from 0 to 4096 [ 279.983380][ T6501] loop4: detected capacity change from 0 to 4096 [ 279.998644][ T6500] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5078] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./282/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./282/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [ 280.019124][ T6501] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5078] close(3) = 0 [pid 5078] rmdir("./282" [pid 6500] <... mount resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./283", 0777 [pid 6500] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6500] chdir("./file0" [pid 5078] <... mkdir resumed>) = 0 [pid 6500] <... chdir resumed>) = 0 [pid 6500] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6500] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6500] exit_group(0) = ? [pid 6502] <... write resumed>) = 2097152 [pid 6502] munmap(0x7f3feae00000, 138412032 [pid 6500] +++ exited with 0 +++ [pid 6503] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6501] <... mount resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6500, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6501] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6502] <... munmap resumed>) = 0 [pid 5079] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./280/binderfs") = 0 [pid 5079] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6501] chdir("./file0") = 0 [pid 6502] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6502] ioctl(4, LOOP_SET_FD, 3 [pid 6501] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5079] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6501] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] close(3 [pid 6501] exit_group(0) = ? [pid 5078] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./280/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./280/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./280/file0" [pid 6501] +++ exited with 0 +++ [pid 5079] <... rmdir resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6501, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6502] <... ioctl resumed>) = 0 [pid 5080] umount2("./278", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] getdents64(3, [pid 6502] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6502] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] close(3 [pid 6502] close(4) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 6502] mkdir("./file0", 0777 [pid 5079] rmdir("./280" [pid 6502] <... mkdir resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./281", 0777 [pid 6502] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5079] <... mkdir resumed>) = 0 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6504 attached [pid 6503] <... write resumed>) = 2097152 [pid 5080] getdents64(3, [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6504] set_robust_list(0x555556d3f660, 24 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6504 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6503] munmap(0x7f3feae00000, 138412032 [pid 5080] umount2("./278/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6504] <... set_robust_list resumed>) = 0 [pid 6503] <... munmap resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./278/binderfs", [pid 6504] chdir("./283" [pid 6503] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6504] <... chdir resumed>) = 0 [pid 6503] <... openat resumed>) = 4 [pid 5080] unlink("./278/binderfs" [pid 6504] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... unlink resumed>) = 0 [ 280.152753][ T6502] loop0: detected capacity change from 0 to 4096 [ 280.190256][ T6502] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6504] <... prctl resumed>) = 0 [pid 6503] ioctl(4, LOOP_SET_FD, 3 [pid 5080] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6504] setpgid(0, 0 [pid 6503] <... ioctl resumed>) = 0 [pid 6504] <... setpgid resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 6504] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6504] write(3, "1000", 4) = 4 [pid 6504] close(3) = 0 [pid 6504] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6504] memfd_create("syzkaller", 0) = 3 [pid 6504] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5080] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./278/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6503] close(3 [pid 6502] <... mount resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 6502] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6503] <... close resumed>) = 0 [pid 5080] umount2("./278/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6503] close(4 [pid 6502] chdir("./file0" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6503] <... close resumed>) = 0 [pid 6502] <... chdir resumed>) = 0 [pid 6503] mkdir("./file0", 0777 [pid 6502] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6503] <... mkdir resumed>) = 0 [pid 6502] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] close(3 [pid 6503] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] openat(AT_FDCWD, "./278/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6502] exit_group(0 [pid 5079] <... close resumed>) = 0 [pid 6502] <... exit_group resumed>) = ? [pid 5080] <... openat resumed>) = 4 [ 280.230218][ T6503] loop1: detected capacity change from 0 to 4096 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6505 attached [pid 5080] newfstatat(4, "", [pid 6502] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6502, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6505] set_robust_list(0x555556d3f660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6505 [pid 5076] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6505] <... set_robust_list resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6505] chdir("./281" [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", [pid 6505] <... chdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6505] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6505] setpgid(0, 0 [pid 5076] getdents64(3, [pid 6505] <... setpgid resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6505] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6505] <... openat resumed>) = 3 [pid 5080] getdents64(4, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6505] write(3, "1000", 4 [pid 5076] newfstatat(AT_FDCWD, "./279/binderfs", [pid 6505] <... write resumed>) = 4 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6505] close(3 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] unlink("./279/binderfs" [pid 6505] <... close resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./278/file0" [pid 6505] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6505] <... symlink resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./278") = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5080] mkdir("./279", 0777) = 0 [pid 5076] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6505] memfd_create("syzkaller", 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6505] <... memfd_create resumed>) = 3 [pid 5076] newfstatat(AT_FDCWD, "./279/file0", [pid 6505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6505] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] openat(AT_FDCWD, "./279/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 280.289255][ T6503] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./279/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./279") = 0 [pid 5076] mkdir("./280", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6504] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6505] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6503] <... mount resumed>) = 0 [pid 6503] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6503] chdir("./file0") = 0 [pid 6503] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6503] exit_group(0) = ? [pid 6503] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6503, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5076] close(3 [pid 5080] close(3 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... close resumed>) = 0 [pid 5077] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] newfstatat(AT_FDCWD, "./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6506 [pid 5077] unlink("./282/binderfs") = 0 [pid 5077] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6507 ./strace-static-x86_64: Process 6506 attached ./strace-static-x86_64: Process 6507 attached [pid 6507] set_robust_list(0x555556d3f660, 24 [pid 6506] set_robust_list(0x555556d3f660, 24 [pid 6507] <... set_robust_list resumed>) = 0 [pid 6507] chdir("./279" [pid 6506] <... set_robust_list resumed>) = 0 [pid 6507] <... chdir resumed>) = 0 [pid 6507] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6506] chdir("./280" [pid 6504] <... write resumed>) = 2097152 [pid 6506] <... chdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6507] <... prctl resumed>) = 0 [pid 6506] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6507] setpgid(0, 0 [pid 6506] <... prctl resumed>) = 0 [pid 6507] <... setpgid resumed>) = 0 [pid 6506] setpgid(0, 0 [pid 6504] munmap(0x7f3feae00000, 138412032 [pid 6507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6506] <... setpgid resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6507] <... openat resumed>) = 3 [pid 6506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6504] <... munmap resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./282/file0", [pid 6507] write(3, "1000", 4 [pid 6506] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6507] <... write resumed>) = 4 [pid 6506] write(3, "1000", 4) = 4 [pid 5077] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6506] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6507] close(3 [pid 6506] <... close resumed>) = 0 [pid 6505] <... write resumed>) = 2097152 [pid 6504] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] openat(AT_FDCWD, "./282/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6507] <... close resumed>) = 0 [pid 6506] symlink("/dev/binderfs", "./binderfs" [pid 6507] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6506] <... symlink resumed>) = 0 [pid 6505] munmap(0x7f3feae00000, 138412032 [pid 5077] <... openat resumed>) = 4 [pid 6507] memfd_create("syzkaller", 0 [pid 6506] memfd_create("syzkaller", 0 [pid 6504] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", [pid 6507] <... memfd_create resumed>) = 3 [pid 6504] ioctl(4, LOOP_SET_FD, 3 [pid 6506] <... memfd_create resumed>) = 3 [pid 6505] <... munmap resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] getdents64(4, [pid 6506] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 6507] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6505] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6504] <... ioctl resumed>) = 0 [pid 5077] close(4) = 0 [pid 6507] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] rmdir("./282/file0" [pid 6504] close(3 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 6505] <... openat resumed>) = 4 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./282" [pid 6505] ioctl(4, LOOP_SET_FD, 3 [pid 6504] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6504] close(4 [pid 5077] mkdir("./283", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6504] <... close resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 6504] mkdir("./file0", 0777 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6505] <... ioctl resumed>) = 0 [pid 6505] close(3) = 0 [pid 6505] close(4) = 0 [pid 6504] <... mkdir resumed>) = 0 [pid 6505] mkdir("./file0", 0777) = 0 [pid 6506] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6504] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [ 280.521389][ T6504] loop2: detected capacity change from 0 to 4096 [ 280.536743][ T6505] loop3: detected capacity change from 0 to 4096 [pid 6505] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [ 280.576720][ T6505] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 280.586458][ T6504] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6507] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6506] <... write resumed>) = 2097152 [pid 6504] <... mount resumed>) = 0 [pid 6507] munmap(0x7f3feae00000, 138412032 [pid 6504] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6506] munmap(0x7f3feae00000, 138412032 [pid 6504] <... openat resumed>) = 3 [pid 6506] <... munmap resumed>) = 0 [pid 6504] chdir("./file0" [pid 6507] <... munmap resumed>) = 0 [pid 6507] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6506] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6504] <... chdir resumed>) = 0 [pid 6507] <... openat resumed>) = 4 [pid 6504] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6507] ioctl(4, LOOP_SET_FD, 3 [pid 6506] <... openat resumed>) = 4 [pid 6504] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6506] ioctl(4, LOOP_SET_FD, 3 [pid 6504] exit_group(0 [pid 5077] <... ioctl resumed>) = 0 [pid 6507] <... ioctl resumed>) = 0 [pid 6506] <... ioctl resumed>) = 0 [pid 6504] <... exit_group resumed>) = ? [pid 5077] close(3 [pid 6507] close(3 [pid 6506] close(3 [pid 5077] <... close resumed>) = 0 [pid 6504] +++ exited with 0 +++ [pid 6506] <... close resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6504, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6507] <... close resumed>) = 0 [pid 6506] close(4 [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 6507] close(4 [pid 5078] <... restart_syscall resumed>) = 0 [pid 6507] <... close resumed>) = 0 [pid 6507] mkdir("./file0", 0777) = 0 [pid 6507] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6506] <... close resumed>) = 0 [pid 6506] mkdir("./file0", 0777 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 280.684152][ T6507] loop4: detected capacity change from 0 to 4096 [ 280.692950][ T6506] loop0: detected capacity change from 0 to 4096 [pid 6506] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6508 [pid 6505] <... mount resumed>) = 0 ./strace-static-x86_64: Process 6508 attached [pid 6506] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6505] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... openat resumed>) = 3 [pid 6505] <... openat resumed>) = 3 [pid 6505] chdir("./file0") = 0 [pid 6505] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] newfstatat(3, "", [pid 6508] set_robust_list(0x555556d3f660, 24 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6505] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] getdents64(3, [pid 6508] <... set_robust_list resumed>) = 0 [pid 6505] exit_group(0) = ? [pid 6508] chdir("./283" [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6508] <... chdir resumed>) = 0 [pid 6505] +++ exited with 0 +++ [pid 5078] newfstatat(AT_FDCWD, "./283/binderfs", [pid 6508] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6505, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5079] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6508] <... prctl resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] unlink("./283/binderfs" [pid 5079] <... openat resumed>) = 3 [pid 5078] <... unlink resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 6508] setpgid(0, 0 [pid 5078] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6508] <... setpgid resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] getdents64(3, [pid 5078] <... umount2 resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6508] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./281/binderfs", [pid 5078] newfstatat(AT_FDCWD, "./283/file0", [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6508] write(3, "1000", 4 [pid 5079] unlink("./281/binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6508] <... write resumed>) = 4 [pid 5079] <... unlink resumed>) = 0 [pid 5078] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6508] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6508] <... close resumed>) = 0 [ 280.728050][ T6507] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 280.743316][ T6506] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./283/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6508] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... openat resumed>) = 4 [pid 6508] <... symlink resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 6508] memfd_create("syzkaller", 0 [pid 6507] <... mount resumed>) = 0 [pid 6506] <... mount resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6507] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] getdents64(4, [pid 6507] <... openat resumed>) = 3 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, [pid 5079] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6508] <... memfd_create resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] close(4 [pid 6507] chdir("./file0" [pid 5078] <... close resumed>) = 0 [pid 6508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6507] <... chdir resumed>) = 0 [pid 6506] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] newfstatat(AT_FDCWD, "./281/file0", [pid 5078] rmdir("./283/file0" [pid 6508] <... mmap resumed>) = 0x7f3feae00000 [pid 6507] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6506] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6507] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6506] chdir("./file0") = 0 [pid 6506] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6507] exit_group(0 [pid 6506] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6507] <... exit_group resumed>) = ? [pid 6506] exit_group(0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./281/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6506] <... exit_group resumed>) = ? [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6507] +++ exited with 0 +++ [pid 6506] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6507, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6506, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5080] umount2("./279", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... restart_syscall resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] getdents64(4, [pid 5080] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5079] close(4 [pid 5078] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(3, "", [pid 5079] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", [pid 5079] rmdir("./281/file0" [pid 5078] rmdir("./283" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5078] mkdir("./284", 0777 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] getdents64(3, [pid 5079] getdents64(3, [pid 5078] <... mkdir resumed>) = 0 [pid 5076] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./279/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] close(3 [pid 5078] <... openat resumed>) = 3 [pid 5076] newfstatat(AT_FDCWD, "./280/binderfs", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... close resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] rmdir("./281") = 0 [pid 5076] unlink("./280/binderfs" [pid 5080] newfstatat(AT_FDCWD, "./279/binderfs", [pid 5076] <... unlink resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./279/binderfs" [pid 5079] mkdir("./282", 0777 [pid 5076] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... unlink resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5080] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] newfstatat(AT_FDCWD, "./280/file0", [pid 5080] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./279/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./279/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./279/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./279/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./279") = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] mkdir("./280", 0777 [pid 5076] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./280/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", [pid 6508] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] close(3 [pid 5078] close(3 [pid 5076] getdents64(4, [pid 5079] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6509 [pid 5076] close(4./strace-static-x86_64: Process 6509 attached ) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6510 [pid 5076] rmdir("./280/file0"./strace-static-x86_64: Process 6510 attached [pid 6509] set_robust_list(0x555556d3f660, 24 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 6509] <... set_robust_list resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6510] set_robust_list(0x555556d3f660, 24 [pid 6509] chdir("./284" [pid 5076] close(3 [pid 6510] <... set_robust_list resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6510] chdir("./282") = 0 [pid 6509] <... chdir resumed>) = 0 [pid 5076] rmdir("./280" [pid 6509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6509] setpgid(0, 0 [pid 5076] mkdir("./281", 0777 [pid 6510] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6509] <... setpgid resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 6510] setpgid(0, 0 [pid 6509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6510] <... setpgid resumed>) = 0 [pid 6510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... openat resumed>) = 3 [pid 6510] <... openat resumed>) = 3 [pid 6509] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6510] write(3, "1000", 4 [pid 6509] write(3, "1000", 4 [pid 6510] <... write resumed>) = 4 [pid 6509] <... write resumed>) = 4 [pid 6510] close(3 [pid 6509] close(3 [pid 6510] <... close resumed>) = 0 [pid 6509] <... close resumed>) = 0 [pid 6510] symlink("/dev/binderfs", "./binderfs" [pid 6509] symlink("/dev/binderfs", "./binderfs" [pid 6510] <... symlink resumed>) = 0 [pid 6509] <... symlink resumed>) = 0 [pid 6510] memfd_create("syzkaller", 0 [pid 6509] memfd_create("syzkaller", 0 [pid 6510] <... memfd_create resumed>) = 3 [pid 5080] <... ioctl resumed>) = 0 [pid 6510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6509] <... memfd_create resumed>) = 3 [pid 6510] <... mmap resumed>) = 0x7f3feae00000 [pid 6509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6508] <... write resumed>) = 2097152 [pid 6508] munmap(0x7f3feae00000, 138412032 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6511 ./strace-static-x86_64: Process 6511 attached [pid 6511] set_robust_list(0x555556d3f660, 24) = 0 [pid 6511] chdir("./280") = 0 [pid 6508] <... munmap resumed>) = 0 [pid 6508] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6508] ioctl(4, LOOP_SET_FD, 3 [pid 6511] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6510] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6511] <... prctl resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6511] setpgid(0, 0 [pid 6508] <... ioctl resumed>) = 0 [pid 6511] <... setpgid resumed>) = 0 [pid 6509] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] close(3 [pid 6511] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6508] close(3 [pid 5076] <... close resumed>) = 0 [pid 6511] <... openat resumed>) = 3 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6508] <... close resumed>) = 0 [pid 6508] close(4) = 0 ./strace-static-x86_64: Process 6512 attached [pid 6511] write(3, "1000", 4 [pid 6512] set_robust_list(0x555556d3f660, 24 [pid 6511] <... write resumed>) = 4 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6512 [pid 6512] <... set_robust_list resumed>) = 0 [pid 6511] close(3 [pid 6512] chdir("./281" [pid 6511] <... close resumed>) = 0 [pid 6508] mkdir("./file0", 0777 [ 281.080723][ T6508] loop1: detected capacity change from 0 to 4096 [pid 6511] symlink("/dev/binderfs", "./binderfs" [pid 6512] <... chdir resumed>) = 0 [pid 6511] <... symlink resumed>) = 0 [pid 6508] <... mkdir resumed>) = 0 [pid 6508] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6512] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6512] setpgid(0, 0) = 0 [pid 6511] memfd_create("syzkaller", 0 [pid 6512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6511] <... memfd_create resumed>) = 3 [pid 6509] <... write resumed>) = 2097152 [pid 6512] <... openat resumed>) = 3 [pid 6511] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6510] <... write resumed>) = 2097152 [pid 6512] write(3, "1000", 4 [pid 6509] munmap(0x7f3feae00000, 138412032 [pid 6512] <... write resumed>) = 4 [pid 6512] close(3) = 0 [pid 6512] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6509] <... munmap resumed>) = 0 [ 281.148286][ T6508] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6512] memfd_create("syzkaller", 0) = 3 [pid 6509] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6510] munmap(0x7f3feae00000, 138412032 [pid 6509] <... openat resumed>) = 4 [pid 6512] <... mmap resumed>) = 0x7f3feae00000 [pid 6510] <... munmap resumed>) = 0 [pid 6509] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6510] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6510] ioctl(4, LOOP_SET_FD, 3 [pid 6511] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6509] close(3) = 0 [pid 6510] <... ioctl resumed>) = 0 [pid 6509] close(4 [pid 6510] close(3 [pid 6509] <... close resumed>) = 0 [pid 6510] <... close resumed>) = 0 [pid 6509] mkdir("./file0", 0777 [pid 6510] close(4) = 0 [pid 6510] mkdir("./file0", 0777) = 0 [pid 6510] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6509] <... mkdir resumed>) = 0 [pid 6509] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6508] <... mount resumed>) = 0 [ 281.211099][ T6509] loop2: detected capacity change from 0 to 4096 [ 281.228892][ T6510] loop3: detected capacity change from 0 to 4096 [pid 6508] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6508] chdir("./file0") = 0 [pid 6508] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6508] exit_group(0 [pid 6512] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6508] <... exit_group resumed>) = ? [pid 6508] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6508, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=14 /* 0.14 s */} --- [pid 5077] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./283/binderfs") = 0 [pid 5077] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5077] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6511] <... write resumed>) = 2097152 [pid 5077] newfstatat(AT_FDCWD, "./283/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./283/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6511] munmap(0x7f3feae00000, 138412032) = 0 [pid 5077] getdents64(4, [pid 6511] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6511] <... openat resumed>) = 4 [pid 5077] getdents64(4, [ 281.279221][ T6510] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 281.303390][ T6509] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6511] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./283/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./283") = 0 [pid 5077] mkdir("./284", 0777) = 0 [pid 6511] <... ioctl resumed>) = 0 [pid 6511] close(3) = 0 [pid 6511] close(4) = 0 [pid 6511] mkdir("./file0", 0777 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6511] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 6511] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6512] <... write resumed>) = 2097152 [pid 6512] munmap(0x7f3feae00000, 138412032) = 0 [ 281.360742][ T6511] loop4: detected capacity change from 0 to 4096 [ 281.393879][ T6511] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6512] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6512] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6509] <... mount resumed>) = 0 [pid 6512] close(3) = 0 [pid 6509] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6512] close(4 [pid 6510] <... mount resumed>) = 0 [pid 6512] <... close resumed>) = 0 [pid 6512] mkdir("./file0", 0777) = 0 [pid 6512] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6509] <... openat resumed>) = 3 [pid 6510] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6510] chdir("./file0" [pid 6509] chdir("./file0" [pid 6510] <... chdir resumed>) = 0 [pid 6509] <... chdir resumed>) = 0 [pid 6510] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6509] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... ioctl resumed>) = 0 [pid 6510] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6509] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6510] exit_group(0) = ? [pid 6509] exit_group(0) = ? [pid 6509] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6509, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6510] +++ exited with 0 +++ [ 281.442281][ T6512] loop0: detected capacity change from 0 to 4096 [ 281.479455][ T6512] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5078] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6510, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5078] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... restart_syscall resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(3, [pid 5079] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... openat resumed>) = 3 [pid 5078] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6513 attached [pid 5079] newfstatat(3, "", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6513] set_robust_list(0x555556d3f660, 24 [pid 6511] <... mount resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(AT_FDCWD, "./284/binderfs", [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6513 [pid 6513] <... set_robust_list resumed>) = 0 [pid 6511] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6513] chdir("./284" [pid 6511] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6513] <... chdir resumed>) = 0 [pid 6511] chdir("./file0" [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6513] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6511] <... chdir resumed>) = 0 [pid 5079] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] unlink("./284/binderfs" [pid 6513] <... prctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... unlink resumed>) = 0 [pid 6513] setpgid(0, 0 [pid 5079] newfstatat(AT_FDCWD, "./282/binderfs", [pid 5078] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6513] <... setpgid resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6513] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] unlink("./282/binderfs" [pid 6513] <... openat resumed>) = 3 [pid 6511] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6513] write(3, "1000", 4 [pid 6511] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 6513] <... write resumed>) = 4 [pid 6511] exit_group(0 [pid 5079] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6513] close(3 [pid 6511] <... exit_group resumed>) = ? [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6513] <... close resumed>) = 0 [pid 6513] symlink("/dev/binderfs", "./binderfs" [pid 6512] <... mount resumed>) = 0 [pid 6511] +++ exited with 0 +++ [pid 5079] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(AT_FDCWD, "./284/file0", [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6511, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6513] <... symlink resumed>) = 0 [pid 6512] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6512] <... openat resumed>) = 3 [pid 5079] newfstatat(AT_FDCWD, "./282/file0", [pid 5078] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] umount2("./280", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./280/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./280/binderfs") = 0 [pid 5080] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6513] memfd_create("syzkaller", 0 [pid 6512] chdir("./file0" [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] openat(AT_FDCWD, "./284/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6512] <... chdir resumed>) = 0 [pid 5079] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 4 [pid 6512] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(4, "", [pid 6512] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6512] exit_group(0 [pid 5078] getdents64(4, [pid 5079] openat(AT_FDCWD, "./282/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6512] <... exit_group resumed>) = ? [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] newfstatat(AT_FDCWD, "./280/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./280/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./280/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", [pid 6512] +++ exited with 0 +++ [pid 5079] <... openat resumed>) = 4 [pid 5078] getdents64(4, [pid 5079] newfstatat(4, "", [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6512, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] close(4 [pid 5076] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6513] <... memfd_create resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 5078] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6513] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] getdents64(4, [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] rmdir("./284/file0" [pid 5076] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6513] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, [pid 5078] <... rmdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5080] getdents64(4, [pid 5079] close(4 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] close(4 [pid 5076] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./281/binderfs", [pid 5080] rmdir("./280/file0" [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5076] unlink("./281/binderfs") = 0 [pid 5076] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 5078] getdents64(3, [pid 5076] <... umount2 resumed>) = 0 [pid 5080] getdents64(3, [pid 5079] rmdir("./282/file0" [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] close(3 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] close(3 [pid 5076] newfstatat(AT_FDCWD, "./281/file0", [pid 5080] <... close resumed>) = 0 [pid 5079] getdents64(3, [pid 5078] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] rmdir("./280" [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] rmdir("./284" [pid 5076] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./281/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5079] <... close resumed>) = 0 [pid 5078] mkdir("./285", 0777 [pid 5076] newfstatat(4, "", [pid 5080] <... rmdir resumed>) = 0 [pid 5079] rmdir("./282" [pid 5078] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5079] <... rmdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] mkdir("./281", 0777 [pid 5079] mkdir("./283", 0777 [pid 5078] <... openat resumed>) = 3 [pid 5076] getdents64(4, [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./281/file0" [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... rmdir resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 6513] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] rmdir("./281") = 0 [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] mkdir("./282", 0777 [pid 6513] <... write resumed>) = 2097152 [pid 5080] <... ioctl resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 6513] munmap(0x7f3feae00000, 138412032 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6514 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6513] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6514 attached [pid 6513] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6514] set_robust_list(0x555556d3f660, 24 [pid 6513] <... openat resumed>) = 4 [pid 6514] <... set_robust_list resumed>) = 0 [pid 6513] ioctl(4, LOOP_SET_FD, 3 [pid 6514] chdir("./281") = 0 [pid 6514] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... ioctl resumed>) = 0 [pid 6514] <... prctl resumed>) = 0 [pid 5078] close(3 [pid 6514] setpgid(0, 0 [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6514] <... setpgid resumed>) = 0 [pid 6514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6514] write(3, "1000", 4./strace-static-x86_64: Process 6515 attached ) = 4 [pid 6513] <... ioctl resumed>) = 0 [pid 6514] close(3 [pid 6513] close(3 [pid 6514] <... close resumed>) = 0 [pid 6513] <... close resumed>) = 0 [pid 6514] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6513] close(4 [pid 6514] memfd_create("syzkaller", 0 [pid 6513] <... close resumed>) = 0 [pid 6513] mkdir("./file0", 0777 [pid 6515] set_robust_list(0x555556d3f660, 24 [pid 6513] <... mkdir resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6515 [pid 6515] <... set_robust_list resumed>) = 0 [pid 6515] chdir("./285" [pid 5079] <... ioctl resumed>) = 0 [pid 6515] <... chdir resumed>) = 0 [pid 6513] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6515] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] close(3 [pid 6515] <... prctl resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 6515] setpgid(0, 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6515] <... setpgid resumed>) = 0 [pid 6514] <... memfd_create resumed>) = 3 [pid 6514] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6515] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6516 ./strace-static-x86_64: Process 6516 attached [pid 6515] write(3, "1000", 4 [pid 6516] set_robust_list(0x555556d3f660, 24) = 0 [pid 6515] <... write resumed>) = 4 [pid 6516] chdir("./283" [pid 6515] close(3) = 0 [pid 6516] <... chdir resumed>) = 0 [pid 6516] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6515] symlink("/dev/binderfs", "./binderfs" [pid 6516] <... prctl resumed>) = 0 [ 281.753795][ T6513] loop1: detected capacity change from 0 to 4096 [ 281.791651][ T6513] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6516] setpgid(0, 0 [pid 6515] <... symlink resumed>) = 0 [pid 6515] memfd_create("syzkaller", 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6516] <... setpgid resumed>) = 0 [pid 6516] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6515] <... memfd_create resumed>) = 3 [pid 5076] close(3) = 0 [pid 6516] <... openat resumed>) = 3 [pid 6515] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6515] <... mmap resumed>) = 0x7f3feae00000 [pid 6516] write(3, "1000", 4) = 4 [pid 6516] close(3) = 0 [pid 6516] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6516] memfd_create("syzkaller", 0) = 3 [pid 6516] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6517 ./strace-static-x86_64: Process 6517 attached [pid 6517] set_robust_list(0x555556d3f660, 24) = 0 [pid 6517] chdir("./282") = 0 [pid 6517] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6517] setpgid(0, 0) = 0 [pid 6517] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6517] write(3, "1000", 4 [pid 6513] <... mount resumed>) = 0 [pid 6517] <... write resumed>) = 4 [pid 6513] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6517] close(3) = 0 [pid 6514] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6513] <... openat resumed>) = 3 [pid 6517] symlink("/dev/binderfs", "./binderfs" [pid 6513] chdir("./file0" [pid 6517] <... symlink resumed>) = 0 [pid 6513] <... chdir resumed>) = 0 [pid 6513] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6513] exit_group(0) = ? [pid 6513] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6513, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5077] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", [pid 6517] memfd_create("syzkaller", 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 6517] <... memfd_create resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6517] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./284/binderfs", [pid 6517] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./284/binderfs") = 0 [pid 5077] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6515] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./284/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./284/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./284/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./284") = 0 [pid 5077] mkdir("./285", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6516] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6518 ./strace-static-x86_64: Process 6518 attached [pid 6518] set_robust_list(0x555556d3f660, 24) = 0 [pid 6518] chdir("./285") = 0 [pid 6518] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6518] setpgid(0, 0) = 0 [pid 6518] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6518] write(3, "1000", 4) = 4 [pid 6518] close(3) = 0 [pid 6518] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6517] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6514] <... write resumed>) = 2097152 [pid 6514] munmap(0x7f3feae00000, 138412032 [pid 6518] memfd_create("syzkaller", 0) = 3 [pid 6514] <... munmap resumed>) = 0 [pid 6515] <... write resumed>) = 2097152 [pid 6518] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6514] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6515] munmap(0x7f3feae00000, 138412032 [pid 6514] <... openat resumed>) = 4 [pid 6514] ioctl(4, LOOP_SET_FD, 3 [pid 6515] <... munmap resumed>) = 0 [pid 6515] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6516] <... write resumed>) = 2097152 [pid 6516] munmap(0x7f3feae00000, 138412032 [pid 6515] <... openat resumed>) = 4 [pid 6515] ioctl(4, LOOP_SET_FD, 3 [pid 6514] <... ioctl resumed>) = 0 [pid 6516] <... munmap resumed>) = 0 [pid 6517] <... write resumed>) = 2097152 [pid 6515] <... ioctl resumed>) = 0 [pid 6515] close(3 [pid 6517] munmap(0x7f3feae00000, 138412032 [pid 6514] close(3 [pid 6516] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6514] <... close resumed>) = 0 [pid 6517] <... munmap resumed>) = 0 [pid 6516] <... openat resumed>) = 4 [pid 6515] <... close resumed>) = 0 [pid 6514] close(4 [ 282.076652][ T6514] loop4: detected capacity change from 0 to 4096 [ 282.100962][ T6515] loop2: detected capacity change from 0 to 4096 [pid 6516] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6515] close(4 [pid 6514] <... close resumed>) = 0 [pid 6517] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6515] <... close resumed>) = 0 [pid 6517] <... openat resumed>) = 4 [pid 6515] mkdir("./file0", 0777 [pid 6514] mkdir("./file0", 0777) = 0 [pid 6514] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6517] ioctl(4, LOOP_SET_FD, 3 [pid 6515] <... mkdir resumed>) = 0 [pid 6516] close(3) = 0 [pid 6516] close(4) = 0 [pid 6516] mkdir("./file0", 0777) = 0 [pid 6516] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [ 282.120807][ T6516] loop3: detected capacity change from 0 to 4096 [ 282.144696][ T6514] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 282.156960][ T6517] loop0: detected capacity change from 0 to 4096 [ 282.167601][ T6515] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6515] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6517] <... ioctl resumed>) = 0 [pid 6517] close(3) = 0 [pid 6517] close(4 [pid 6518] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6517] <... close resumed>) = 0 [pid 6517] mkdir("./file0", 0777) = 0 [ 282.168408][ T6516] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 282.213246][ T6517] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6517] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6515] <... mount resumed>) = 0 [pid 6515] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6515] chdir("./file0") = 0 [pid 6515] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6515] exit_group(0) = ? [pid 6515] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6515, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6518] <... write resumed>) = 2097152 [pid 5078] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6518] munmap(0x7f3feae00000, 138412032 [pid 5078] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 6518] <... munmap resumed>) = 0 [pid 6514] <... mount resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./285/binderfs" [pid 6514] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5078] <... unlink resumed>) = 0 [pid 6514] chdir("./file0" [pid 5078] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6514] <... chdir resumed>) = 0 [pid 6514] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6516] <... mount resumed>) = 0 [pid 6514] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... umount2 resumed>) = 0 [pid 6514] exit_group(0) = ? [pid 5078] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6516] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6516] chdir("./file0" [pid 5078] newfstatat(AT_FDCWD, "./285/file0", [pid 6516] <... chdir resumed>) = 0 [pid 6516] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6517] <... mount resumed>) = 0 [pid 6516] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6518] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6516] exit_group(0 [pid 6514] +++ exited with 0 +++ [pid 6518] <... openat resumed>) = 4 [pid 6516] <... exit_group resumed>) = ? [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6518] ioctl(4, LOOP_SET_FD, 3 [pid 6517] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6516] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6514, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5078] openat(AT_FDCWD, "./285/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6517] <... openat resumed>) = 3 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6516, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5078] newfstatat(4, "", [pid 6518] <... ioctl resumed>) = 0 [pid 6517] chdir("./file0" [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5079] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6518] close(3 [pid 6517] <... chdir resumed>) = 0 [pid 5080] <... restart_syscall resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, [pid 6518] <... close resumed>) = 0 [pid 6517] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6518] close(4 [pid 6517] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6517] exit_group(0 [pid 5080] umount2("./281", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 6518] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(3, "", [pid 5078] getdents64(4, [pid 6518] mkdir("./file0", 0777 [pid 6517] <... exit_group resumed>) = ? [pid 5080] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6518] <... mkdir resumed>) = 0 [pid 6517] +++ exited with 0 +++ [pid 5080] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6517, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6518] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] getdents64(3, [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] newfstatat(AT_FDCWD, "./283/binderfs", [pid 5078] rmdir("./285/file0" [pid 5076] <... openat resumed>) = 3 [pid 5080] umount2("./281/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] newfstatat(3, "", [pid 5079] unlink("./283/binderfs" [pid 5078] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... unlink resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] unlink("./282/binderfs") = 0 [pid 5076] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./285" [pid 5080] newfstatat(AT_FDCWD, "./281/binderfs", [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./286", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] unlink("./281/binderfs") = 0 [pid 5080] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./282/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./282/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5080] <... umount2 resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./282/file0" [pid 5080] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 282.321794][ T6518] loop1: detected capacity change from 0 to 4096 [ 282.359640][ T6518] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] newfstatat(AT_FDCWD, "./281/file0", [pid 5079] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] umount2("./281/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] newfstatat(AT_FDCWD, "./283/file0", [pid 5076] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./281/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] rmdir("./282" [pid 5080] <... openat resumed>) = 4 [pid 5076] <... rmdir resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] mkdir("./283", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] openat(AT_FDCWD, "./283/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... mkdir resumed>) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", [pid 6518] <... mount resumed>) = 0 [pid 5080] getdents64(4, [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6518] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6518] <... openat resumed>) = 3 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... openat resumed>) = 3 [pid 6518] chdir("./file0" [pid 5080] getdents64(4, [pid 5079] getdents64(4, [pid 6518] <... chdir resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6518] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6518] exit_group(0) = ? [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] close(4 [pid 5079] getdents64(4, [pid 5080] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] rmdir("./281/file0" [pid 5079] close(4 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3 [pid 5079] rmdir("./283/file0" [pid 5080] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5080] rmdir("./281" [pid 6518] +++ exited with 0 +++ [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6518, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=8 /* 0.08 s */} --- [pid 5079] close(3 [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5079] rmdir("./283") = 0 [pid 5077] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] mkdir("./282", 0777 [pid 5077] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... mkdir resumed>) = 0 [pid 5079] mkdir("./284", 0777 [pid 5077] <... openat resumed>) = 3 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5077] getdents64(3, [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./285/binderfs") = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5076] close(3 [pid 5077] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./285/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(3 [pid 5076] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./285/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6519 attached [pid 5078] <... close resumed>) = 0 [pid 6519] set_robust_list(0x555556d3f660, 24 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] getdents64(4, [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6519 [pid 6519] <... set_robust_list resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 6519] chdir("./283") = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6520 [pid 5077] rmdir("./285/file0"./strace-static-x86_64: Process 6520 attached [pid 6519] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6520] set_robust_list(0x555556d3f660, 24 [pid 6519] <... prctl resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, [pid 6520] <... set_robust_list resumed>) = 0 [pid 6519] setpgid(0, 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6519] <... setpgid resumed>) = 0 [pid 5077] close(3 [pid 6520] chdir("./286" [pid 5077] <... close resumed>) = 0 [pid 6520] <... chdir resumed>) = 0 [pid 6519] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] rmdir("./285" [pid 6520] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6519] <... openat resumed>) = 3 [pid 5077] <... rmdir resumed>) = 0 [pid 6520] <... prctl resumed>) = 0 [pid 6519] write(3, "1000", 4 [pid 5077] mkdir("./286", 0777 [pid 6520] setpgid(0, 0 [pid 6519] <... write resumed>) = 4 [pid 5077] <... mkdir resumed>) = 0 [pid 6520] <... setpgid resumed>) = 0 [pid 6519] close(3 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5080] close(3 [pid 6520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6519] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] close(3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6519] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6520] <... openat resumed>) = 3 [pid 6520] write(3, "1000", 4) = 4 [pid 6520] close(3) = 0 [pid 6519] memfd_create("syzkaller", 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6521 ./strace-static-x86_64: Process 6521 attached [pid 6520] symlink("/dev/binderfs", "./binderfs" [pid 6521] set_robust_list(0x555556d3f660, 24) = 0 [pid 6520] <... symlink resumed>) = 0 [pid 6519] <... memfd_create resumed>) = 3 [pid 6521] chdir("./282") = 0 [pid 6519] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6521] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6519] <... mmap resumed>) = 0x7f3feae00000 [pid 6521] <... prctl resumed>) = 0 [pid 6521] setpgid(0, 0) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6522 [pid 6521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6520] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6522 attached [pid 6522] set_robust_list(0x555556d3f660, 24) = 0 [pid 6521] <... openat resumed>) = 3 [pid 6520] <... memfd_create resumed>) = 3 [pid 6520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6522] chdir("./284" [pid 6521] write(3, "1000", 4 [pid 6522] <... chdir resumed>) = 0 [pid 6521] <... write resumed>) = 4 [pid 6522] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6521] close(3) = 0 [pid 6522] <... prctl resumed>) = 0 [pid 6522] setpgid(0, 0) = 0 [pid 6522] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6521] symlink("/dev/binderfs", "./binderfs" [pid 6519] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6522] <... openat resumed>) = 3 [pid 6521] <... symlink resumed>) = 0 [pid 6522] write(3, "1000", 4 [pid 6521] memfd_create("syzkaller", 0 [pid 6520] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... ioctl resumed>) = 0 [pid 6522] <... write resumed>) = 4 [pid 6522] close(3 [pid 5077] close(3 [pid 6522] <... close resumed>) = 0 [pid 6521] <... memfd_create resumed>) = 3 [pid 5077] <... close resumed>) = 0 [pid 6522] symlink("/dev/binderfs", "./binderfs" [pid 6521] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6522] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 6523 attached [pid 6522] memfd_create("syzkaller", 0 [pid 6521] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6523 [pid 6523] set_robust_list(0x555556d3f660, 24) = 0 [pid 6523] chdir("./286") = 0 [pid 6523] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6522] <... memfd_create resumed>) = 3 [pid 6523] setpgid(0, 0) = 0 [pid 6522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6522] <... mmap resumed>) = 0x7f3feae00000 [pid 6523] <... openat resumed>) = 3 [pid 6523] write(3, "1000", 4) = 4 [pid 6523] close(3) = 0 [pid 6523] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6523] memfd_create("syzkaller", 0 [pid 6519] <... write resumed>) = 2097152 [pid 6523] <... memfd_create resumed>) = 3 [pid 6519] munmap(0x7f3feae00000, 138412032 [pid 6523] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6520] <... write resumed>) = 2097152 [pid 6520] munmap(0x7f3feae00000, 138412032) = 0 [pid 6520] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6522] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6519] <... munmap resumed>) = 0 [pid 6519] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6520] <... openat resumed>) = 4 [pid 6519] <... openat resumed>) = 4 [pid 6519] ioctl(4, LOOP_SET_FD, 3 [pid 6520] ioctl(4, LOOP_SET_FD, 3 [pid 6521] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6519] <... ioctl resumed>) = 0 [pid 6519] close(3 [pid 6523] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6522] <... write resumed>) = 2097152 [pid 6520] <... ioctl resumed>) = 0 [pid 6519] <... close resumed>) = 0 [ 282.785365][ T6519] loop0: detected capacity change from 0 to 4096 [ 282.800488][ T6520] loop2: detected capacity change from 0 to 4096 [pid 6519] close(4 [pid 6522] munmap(0x7f3feae00000, 138412032 [pid 6519] <... close resumed>) = 0 [pid 6520] close(3) = 0 [pid 6520] close(4) = 0 [pid 6519] mkdir("./file0", 0777) = 0 [pid 6520] mkdir("./file0", 0777) = 0 [pid 6519] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6520] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6522] <... munmap resumed>) = 0 [pid 6522] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6522] ioctl(4, LOOP_SET_FD, 3 [pid 6521] <... write resumed>) = 2097152 [ 282.841802][ T6520] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 282.851486][ T6519] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6522] <... ioctl resumed>) = 0 [pid 6521] munmap(0x7f3feae00000, 138412032) = 0 [pid 6523] <... write resumed>) = 2097152 [pid 6520] <... mount resumed>) = 0 [pid 6519] <... mount resumed>) = 0 [pid 6520] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6519] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6520] <... openat resumed>) = 3 [pid 6519] <... openat resumed>) = 3 [pid 6522] close(3 [pid 6521] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6520] chdir("./file0" [pid 6519] chdir("./file0" [pid 6522] <... close resumed>) = 0 [pid 6521] <... openat resumed>) = 4 [pid 6520] <... chdir resumed>) = 0 [pid 6519] <... chdir resumed>) = 0 [pid 6522] close(4 [pid 6520] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6519] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6520] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6519] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6522] <... close resumed>) = 0 [pid 6521] ioctl(4, LOOP_SET_FD, 3 [pid 6520] exit_group(0 [pid 6519] exit_group(0 [pid 6523] munmap(0x7f3feae00000, 138412032 [pid 6522] mkdir("./file0", 0777 [pid 6519] <... exit_group resumed>) = ? [pid 6523] <... munmap resumed>) = 0 [pid 6520] <... exit_group resumed>) = ? [pid 6522] <... mkdir resumed>) = 0 [pid 6523] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 282.902065][ T6522] loop3: detected capacity change from 0 to 4096 [ 282.938084][ T6521] loop4: detected capacity change from 0 to 4096 [pid 6520] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6520, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 6523] ioctl(4, LOOP_SET_FD, 3 [pid 5078] umount2("./286", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6522] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6519] +++ exited with 0 +++ [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6519, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] umount2("./286/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./286/binderfs", [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] unlink("./286/binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6521] <... ioctl resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./283/binderfs", [pid 6521] close(3 [pid 5078] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6523] <... ioctl resumed>) = 0 [pid 6521] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] unlink("./283/binderfs" [pid 6521] close(4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... unlink resumed>) = 0 [pid 6523] close(3 [pid 6521] <... close resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./286/file0", [pid 6523] <... close resumed>) = 0 [pid 6521] mkdir("./file0", 0777 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6523] close(4 [pid 6521] <... mkdir resumed>) = 0 [pid 5078] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6523] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6523] mkdir("./file0", 0777 [pid 5078] openat(AT_FDCWD, "./286/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6523] <... mkdir resumed>) = 0 [pid 6521] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = 0 [pid 6523] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [ 282.961347][ T6523] loop1: detected capacity change from 0 to 4096 [ 282.973898][ T6522] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./286/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./286") = 0 [pid 5076] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] mkdir("./287", 0777) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./283/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6522] <... mount resumed>) = 0 [pid 6522] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6522] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./283/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6522] chdir("./file0" [pid 5078] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 4 [pid 6522] <... chdir resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 6522] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6522] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] getdents64(4, [pid 6522] exit_group(0 [pid 5078] <... ioctl resumed>) = 0 [pid 6522] <... exit_group resumed>) = ? [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6524 attached [pid 6522] +++ exited with 0 +++ [pid 5076] getdents64(4, [pid 6524] set_robust_list(0x555556d3f660, 24 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6524] <... set_robust_list resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6522, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5076] close(4 [pid 6524] chdir("./287" [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6524 [pid 5076] <... close resumed>) = 0 [pid 6524] <... chdir resumed>) = 0 [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5076] rmdir("./283/file0" [pid 5079] <... restart_syscall resumed>) = 0 [pid 6524] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... rmdir resumed>) = 0 [pid 5079] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 283.017630][ T6521] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 283.041292][ T6523] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6524] <... prctl resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5076] getdents64(3, [pid 6524] setpgid(0, 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(3, [pid 5076] close(3 [pid 6524] <... setpgid resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./284/binderfs", [pid 6524] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] rmdir("./283" [pid 6524] write(3, "1000", 4 [pid 5079] unlink("./284/binderfs" [pid 6524] <... write resumed>) = 4 [pid 5079] <... unlink resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6524] close(3 [pid 5079] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] mkdir("./284", 0777 [pid 6524] <... close resumed>) = 0 [pid 6524] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... umount2 resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 6524] <... symlink resumed>) = 0 [pid 5079] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6524] memfd_create("syzkaller", 0 [pid 5079] newfstatat(AT_FDCWD, "./284/file0", [pid 5076] <... openat resumed>) = 3 [pid 6524] <... memfd_create resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6524] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./284/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./284/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./284") = 0 [pid 5079] mkdir("./285", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6524] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... ioctl resumed>) = 0 [pid 6521] <... mount resumed>) = 0 [pid 6521] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5076] close(3 [pid 6521] chdir("./file0" [pid 5076] <... close resumed>) = 0 [pid 6521] <... chdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6521] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6521] exit_group(0) = ? ./strace-static-x86_64: Process 6525 attached [pid 6523] <... mount resumed>) = 0 [pid 6521] +++ exited with 0 +++ [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6525 [pid 6525] set_robust_list(0x555556d3f660, 24) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6521, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5080] umount2("./282", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6523] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6525] chdir("./284" [pid 6524] <... write resumed>) = 2097152 [pid 6523] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6525] <... chdir resumed>) = 0 [pid 6525] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6523] chdir("./file0") = 0 [pid 6523] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... openat resumed>) = 3 [pid 6523] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] newfstatat(3, "", [pid 6523] exit_group(0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6523] <... exit_group resumed>) = ? [pid 5080] getdents64(3, [pid 6523] +++ exited with 0 +++ [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6525] <... prctl resumed>) = 0 [pid 5080] umount2("./282/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6525] setpgid(0, 0 [pid 5080] newfstatat(AT_FDCWD, "./282/binderfs", [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6523, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=3 /* 0.03 s */} --- [pid 6524] munmap(0x7f3feae00000, 138412032 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./282/binderfs" [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5080] <... unlink resumed>) = 0 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5080] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6525] <... setpgid resumed>) = 0 [pid 6524] <... munmap resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] umount2("./286", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6525] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6524] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] close(3 [pid 6524] <... openat resumed>) = 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6524] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... close resumed>) = 0 [pid 6525] <... openat resumed>) = 3 [pid 6524] <... ioctl resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6525] write(3, "1000", 4) = 4 [pid 5077] <... openat resumed>) = 3 [pid 6525] close(3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6525] <... close resumed>) = 0 ./strace-static-x86_64: Process 6526 attached [pid 6525] symlink("/dev/binderfs", "./binderfs" [pid 6524] close(3 [pid 5080] <... umount2 resumed>) = 0 [pid 5077] getdents64(3, [pid 6526] set_robust_list(0x555556d3f660, 24 [pid 6525] <... symlink resumed>) = 0 [pid 6524] <... close resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6526 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6524] close(4) = 0 [pid 5077] umount2("./286/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6526] <... set_robust_list resumed>) = 0 [pid 6524] mkdir("./file0", 0777 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6525] memfd_create("syzkaller", 0 [pid 5080] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./286/binderfs", [pid 6525] <... memfd_create resumed>) = 3 [pid 6525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6524] <... mkdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6526] chdir("./285" [pid 6525] <... mmap resumed>) = 0x7f3feae00000 [pid 6524] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] newfstatat(AT_FDCWD, "./282/file0", [pid 5077] unlink("./286/binderfs" [pid 6526] <... chdir resumed>) = 0 [pid 6526] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 6526] <... prctl resumed>) = 0 [pid 5080] umount2("./282/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = 0 [pid 6526] setpgid(0, 0 [pid 5080] openat(AT_FDCWD, "./282/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] getdents64(4, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 5077] newfstatat(AT_FDCWD, "./286/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] close(4) = 0 [pid 6526] <... setpgid resumed>) = 0 [pid 5080] rmdir("./282/file0" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] <... rmdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./286/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6526] write(3, "1000", 4) = 4 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6526] close(3) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./286/file0" [pid 6526] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, [pid 5077] getdents64(3, [pid 6526] <... symlink resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3 [pid 5077] close(3 [pid 5080] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5080] rmdir("./282" [pid 5077] rmdir("./286" [pid 6526] memfd_create("syzkaller", 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6526] <... memfd_create resumed>) = 3 [pid 5077] mkdir("./287", 0777 [pid 6526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... mkdir resumed>) = 0 [pid 6526] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] mkdir("./283", 0777 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5080] <... mkdir resumed>) = 0 [ 283.299215][ T6524] loop2: detected capacity change from 0 to 4096 [ 283.338627][ T6524] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6525] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6524] <... mount resumed>) = 0 [pid 6524] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6524] chdir("./file0") = 0 [pid 6524] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... ioctl resumed>) = 0 [pid 6524] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6524] exit_group(0) = ? [pid 5077] close(3 [pid 6525] <... write resumed>) = 2097152 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6527 attached [pid 6526] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] close(3 [pid 6527] set_robust_list(0x555556d3f660, 24 [pid 5080] <... close resumed>) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6527 [pid 6527] <... set_robust_list resumed>) = 0 [pid 6524] +++ exited with 0 +++ [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6524, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- ./strace-static-x86_64: Process 6528 attached [pid 6527] chdir("./287" [pid 6525] munmap(0x7f3feae00000, 138412032 [pid 6527] <... chdir resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6528 [pid 6527] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6528] set_robust_list(0x555556d3f660, 24 [pid 6527] setpgid(0, 0 [pid 6525] <... munmap resumed>) = 0 [pid 6528] <... set_robust_list resumed>) = 0 [pid 6527] <... setpgid resumed>) = 0 [pid 6528] chdir("./283" [pid 6527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] umount2("./287", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6528] <... chdir resumed>) = 0 [pid 6527] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6528] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6527] write(3, "1000", 4 [pid 6525] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6528] <... prctl resumed>) = 0 [pid 6527] <... write resumed>) = 4 [pid 6528] setpgid(0, 0 [pid 6527] close(3 [pid 6525] <... openat resumed>) = 4 [pid 5078] <... openat resumed>) = 3 [pid 6528] <... setpgid resumed>) = 0 [pid 6527] <... close resumed>) = 0 [pid 6525] ioctl(4, LOOP_SET_FD, 3 [pid 5078] newfstatat(3, "", [pid 6528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6527] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6528] <... openat resumed>) = 3 [pid 6527] <... symlink resumed>) = 0 [pid 5078] getdents64(3, [pid 6528] write(3, "1000", 4 [pid 6527] memfd_create("syzkaller", 0 [pid 6528] <... write resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6528] close(3) = 0 [pid 5078] umount2("./287/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6528] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./287/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./287/binderfs") = 0 [pid 6527] <... memfd_create resumed>) = 3 [pid 6528] memfd_create("syzkaller", 0 [pid 6527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6525] <... ioctl resumed>) = 0 [pid 5078] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6528] <... memfd_create resumed>) = 3 [pid 6526] <... write resumed>) = 2097152 [pid 6525] close(3 [pid 5078] <... umount2 resumed>) = 0 [pid 6528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6525] <... close resumed>) = 0 [pid 5078] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6525] close(4 [pid 6528] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6527] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] newfstatat(AT_FDCWD, "./287/file0", [pid 6526] munmap(0x7f3feae00000, 138412032 [pid 6525] <... close resumed>) = 0 [ 283.534128][ T6525] loop0: detected capacity change from 0 to 4096 [pid 6526] <... munmap resumed>) = 0 [pid 6525] mkdir("./file0", 0777 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6526] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6526] ioctl(4, LOOP_SET_FD, 3 [pid 5078] openat(AT_FDCWD, "./287/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6525] <... mkdir resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 6525] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6526] <... ioctl resumed>) = 0 [pid 6526] close(3) = 0 [pid 6526] close(4 [pid 5078] getdents64(4, [pid 6526] <... close resumed>) = 0 [pid 6526] mkdir("./file0", 0777) = 0 [pid 6526] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./287/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./287") = 0 [pid 5078] mkdir("./288", 0777) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [ 283.599563][ T6526] loop3: detected capacity change from 0 to 4096 [ 283.612205][ T6525] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 283.634986][ T6526] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6527] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6525] <... mount resumed>) = 0 [pid 6528] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6525] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6525] chdir("./file0") = 0 [pid 6525] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6525] exit_group(0) = ? [pid 6525] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6525, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5076] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... ioctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5078] close(3 [pid 5076] newfstatat(3, "", [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6529 attached [pid 6528] <... write resumed>) = 2097152 [pid 5076] getdents64(3, [pid 6529] set_robust_list(0x555556d3f660, 24 [pid 6528] munmap(0x7f3feae00000, 138412032 [pid 6527] <... write resumed>) = 2097152 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6529 [pid 6529] <... set_robust_list resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6529] chdir("./288") = 0 [pid 6527] munmap(0x7f3feae00000, 138412032 [pid 6529] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6528] <... munmap resumed>) = 0 [pid 6527] <... munmap resumed>) = 0 [pid 5076] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6529] <... prctl resumed>) = 0 [pid 6528] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6529] setpgid(0, 0) = 0 [pid 6528] <... openat resumed>) = 4 [pid 5076] newfstatat(AT_FDCWD, "./284/binderfs", [pid 6528] ioctl(4, LOOP_SET_FD, 3 [pid 6527] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6529] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6528] <... ioctl resumed>) = 0 [pid 6527] <... openat resumed>) = 4 [pid 6526] <... mount resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6529] <... openat resumed>) = 3 [pid 6528] close(3 [pid 6527] ioctl(4, LOOP_SET_FD, 3 [pid 6526] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] unlink("./284/binderfs" [pid 6529] write(3, "1000", 4 [pid 6528] <... close resumed>) = 0 [pid 6526] <... openat resumed>) = 3 [pid 5076] <... unlink resumed>) = 0 [pid 6529] <... write resumed>) = 4 [pid 5076] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6529] close(3) = 0 [pid 6529] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6529] memfd_create("syzkaller", 0) = 3 [pid 6528] close(4 [pid 6527] <... ioctl resumed>) = 0 [pid 6526] chdir("./file0" [pid 5076] <... umount2 resumed>) = 0 [pid 6529] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6528] <... close resumed>) = 0 [pid 6527] close(3 [pid 6526] <... chdir resumed>) = 0 [pid 5076] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6529] <... mmap resumed>) = 0x7f3feae00000 [pid 6528] mkdir("./file0", 0777 [pid 6527] <... close resumed>) = 0 [pid 6526] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6528] <... mkdir resumed>) = 0 [pid 6527] close(4 [pid 6526] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6528] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6527] <... close resumed>) = 0 [pid 6526] exit_group(0 [pid 5076] newfstatat(AT_FDCWD, "./284/file0", [ 283.783454][ T6528] loop4: detected capacity change from 0 to 4096 [ 283.800996][ T6527] loop1: detected capacity change from 0 to 4096 [pid 6527] mkdir("./file0", 0777 [pid 6526] <... exit_group resumed>) = ? [pid 6527] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./284/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./284/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./284") = 0 [pid 5076] mkdir("./285", 0777 [pid 6527] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6526] +++ exited with 0 +++ [pid 5076] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6526, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5079] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6529] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 283.829916][ T6528] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 283.856971][ T6527] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5079] newfstatat(AT_FDCWD, "./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./285/binderfs") = 0 [pid 5079] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6528] <... mount resumed>) = 0 [pid 6528] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6528] chdir("./file0") = 0 [pid 6528] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6528] exit_group(0 [pid 5079] <... umount2 resumed>) = 0 [pid 6528] <... exit_group resumed>) = ? [pid 6528] +++ exited with 0 +++ [pid 5079] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6528, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./283", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./285/file0", [pid 5080] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./283/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./283/binderfs" [pid 5079] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... unlink resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./285/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] <... ioctl resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6529] <... write resumed>) = 2097152 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6530 ./strace-static-x86_64: Process 6530 attached [pid 6529] munmap(0x7f3feae00000, 138412032 [pid 6527] <... mount resumed>) = 0 [pid 5080] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] getdents64(4, [pid 5080] newfstatat(AT_FDCWD, "./283/file0", [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6530] set_robust_list(0x555556d3f660, 24 [pid 6529] <... munmap resumed>) = 0 [pid 6527] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] close(4) = 0 [pid 5080] umount2("./283/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6527] <... openat resumed>) = 3 [pid 5079] rmdir("./285/file0" [pid 6527] chdir("./file0" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6530] <... set_robust_list resumed>) = 0 [pid 6530] chdir("./285" [pid 6527] <... chdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./283/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6530] <... chdir resumed>) = 0 [pid 6530] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6527] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... openat resumed>) = 4 [pid 6530] <... prctl resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 6530] setpgid(0, 0 [pid 6527] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6530] <... setpgid resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6527] exit_group(0 [pid 5080] getdents64(4, [pid 5079] getdents64(3, [pid 6530] <... openat resumed>) = 3 [pid 6529] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6527] <... exit_group resumed>) = ? [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6530] write(3, "1000", 4 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6530] <... write resumed>) = 4 [pid 6530] close(3) = 0 [pid 5079] close(3 [pid 6530] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... close resumed>) = 0 [pid 5080] getdents64(4, [pid 6529] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] rmdir("./285" [pid 6530] <... symlink resumed>) = 0 [pid 5080] close(4 [pid 6530] memfd_create("syzkaller", 0 [pid 6529] ioctl(4, LOOP_SET_FD, 3 [pid 6527] +++ exited with 0 +++ [pid 5080] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6530] <... memfd_create resumed>) = 3 [pid 6529] <... ioctl resumed>) = 0 [pid 5080] rmdir("./283/file0" [pid 5079] mkdir("./286", 0777 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6527, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 6530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6529] close(3 [pid 6530] <... mmap resumed>) = 0x7f3feae00000 [pid 6529] <... close resumed>) = 0 [pid 6529] close(4) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] umount2("./287", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6529] mkdir("./file0", 0777) = 0 [pid 5080] getdents64(3, [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] close(3 [pid 6529] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5077] <... openat resumed>) = 3 [pid 5080] rmdir("./283" [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] newfstatat(3, "", [pid 5080] <... rmdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] mkdir("./284", 0777 [pid 5077] getdents64(3, [pid 5080] <... mkdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./287/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./287/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] unlink("./287/binderfs") = 0 [pid 5080] <... openat resumed>) = 3 [pid 5077] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] ioctl(3, LOOP_CLR_FD [ 284.015871][ T6529] loop2: detected capacity change from 0 to 4096 [ 284.045366][ T6529] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6530] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./287/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6530] <... write resumed>) = 2097152 [pid 5077] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6530] munmap(0x7f3feae00000, 138412032 [pid 5077] openat(AT_FDCWD, "./287/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 6530] <... munmap resumed>) = 0 [pid 5079] close(3 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, ./strace-static-x86_64: Process 6531 attached [pid 6531] set_robust_list(0x555556d3f660, 24) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6531 [pid 6531] chdir("./286") = 0 [pid 6531] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6531] setpgid(0, 0) = 0 [pid 6531] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6530] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6531] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6530] ioctl(4, LOOP_SET_FD, 3 [pid 5077] close(4 [pid 6531] write(3, "1000", 4) = 4 [pid 6531] close(3) = 0 [pid 6531] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6531] memfd_create("syzkaller", 0 [pid 6530] <... ioctl resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6531] <... memfd_create resumed>) = 3 [pid 5077] rmdir("./287/file0" [pid 6531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6530] close(3 [pid 5080] close(3 [pid 5077] <... rmdir resumed>) = 0 [pid 6530] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 6530] close(4 [pid 5077] getdents64(3, [pid 6530] <... close resumed>) = 0 [pid 6530] mkdir("./file0", 0777) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 6530] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./287"./strace-static-x86_64: Process 6532 attached ) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6532 [pid 6532] set_robust_list(0x555556d3f660, 24 [pid 5077] mkdir("./288", 0777 [pid 6532] <... set_robust_list resumed>) = 0 [pid 6529] <... mount resumed>) = 0 [pid 6529] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6532] chdir("./284" [pid 6529] <... openat resumed>) = 3 [pid 6529] chdir("./file0") = 0 [pid 6529] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] <... mkdir resumed>) = 0 [pid 6529] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6532] <... chdir resumed>) = 0 [pid 6529] exit_group(0) = ? [pid 6532] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6532] setpgid(0, 0 [pid 6529] +++ exited with 0 +++ [pid 5077] <... openat resumed>) = 3 [pid 6532] <... setpgid resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6529, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] umount2("./288", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6532] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 284.151096][ T6530] loop0: detected capacity change from 0 to 4096 [ 284.190382][ T6530] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5078] openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", [pid 6532] write(3, "1000", 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6532] <... write resumed>) = 4 [pid 6532] close(3 [pid 5078] getdents64(3, [pid 6532] <... close resumed>) = 0 [pid 6532] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./288/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6532] <... symlink resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./288/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./288/binderfs") = 0 [pid 5078] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6532] memfd_create("syzkaller", 0) = 3 [pid 6532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6531] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] newfstatat(AT_FDCWD, "./288/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./288/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./288/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 6530] <... mount resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./288" [pid 6530] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 6530] chdir("./file0") = 0 [pid 5078] mkdir("./289", 0777 [pid 6530] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5078] <... mkdir resumed>) = 0 [pid 6530] exit_group(0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6530] <... exit_group resumed>) = ? [pid 6530] +++ exited with 0 +++ [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6532] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6530, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5077] close(3 [pid 5076] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6533 attached ) = 3 [pid 6533] set_robust_list(0x555556d3f660, 24 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6533 [pid 5076] newfstatat(3, "", [pid 6533] <... set_robust_list resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 6533] chdir("./288" [pid 6531] <... write resumed>) = 2097152 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./285/binderfs", [pid 6531] munmap(0x7f3feae00000, 138412032 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6533] <... chdir resumed>) = 0 [pid 6533] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6531] <... munmap resumed>) = 0 [pid 5076] unlink("./285/binderfs" [pid 6533] <... prctl resumed>) = 0 [pid 6533] setpgid(0, 0) = 0 [pid 6531] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6531] <... openat resumed>) = 4 [pid 6531] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... umount2 resumed>) = 0 [pid 6533] write(3, "1000", 4 [pid 6532] <... write resumed>) = 2097152 [pid 6531] <... ioctl resumed>) = 0 [pid 5076] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./285/file0", [pid 6533] <... write resumed>) = 4 [pid 6532] munmap(0x7f3feae00000, 138412032 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6533] close(3) = 0 [pid 6533] symlink("/dev/binderfs", "./binderfs" [pid 6531] close(3 [pid 5076] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6533] <... symlink resumed>) = 0 [pid 6531] <... close resumed>) = 0 [pid 6531] close(4 [pid 6533] memfd_create("syzkaller", 0 [pid 6531] <... close resumed>) = 0 [pid 6532] <... munmap resumed>) = 0 [pid 6531] mkdir("./file0", 0777 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6533] <... memfd_create resumed>) = 3 [pid 6532] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] openat(AT_FDCWD, "./285/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6532] <... openat resumed>) = 4 [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 6532] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6531] <... mkdir resumed>) = 0 [pid 6533] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] getdents64(4, [pid 6533] <... mmap resumed>) = 0x7f3feae00000 [pid 6532] <... ioctl resumed>) = 0 [pid 6531] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5078] <... ioctl resumed>) = 0 [ 284.395233][ T6531] loop3: detected capacity change from 0 to 4096 [ 284.425961][ T6532] loop4: detected capacity change from 0 to 4096 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5078] close(3 [pid 5076] rmdir("./285/file0" [pid 5078] <... close resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6532] close(3) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6534 [pid 6532] close(4) = 0 [pid 6532] mkdir("./file0", 0777 [pid 5076] getdents64(3, [pid 6532] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 ./strace-static-x86_64: Process 6534 attached [pid 6532] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5076] rmdir("./285") = 0 [pid 6534] set_robust_list(0x555556d3f660, 24) = 0 [pid 6534] chdir("./289" [pid 5076] mkdir("./286", 0777 [pid 6534] <... chdir resumed>) = 0 [pid 6534] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... mkdir resumed>) = 0 [pid 6534] <... prctl resumed>) = 0 [pid 6534] setpgid(0, 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6534] <... setpgid resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6534] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6534] <... openat resumed>) = 3 [pid 6534] write(3, "1000", 4) = 4 [pid 6534] close(3) = 0 [pid 6534] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6533] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 284.448927][ T6531] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 284.466373][ T6532] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6534] memfd_create("syzkaller", 0) = 3 [pid 6534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6532] <... mount resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6532] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6532] chdir("./file0") = 0 [pid 6532] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6532] exit_group(0) = ? [pid 6532] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6532, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5080] umount2("./284", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... close resumed>) = 0 [pid 6531] <... mount resumed>) = 0 [pid 5080] umount2("./284/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6534] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6531] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6531] <... openat resumed>) = 3 [pid 5080] unlink("./284/binderfs") = 0 [pid 5080] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6531] chdir("./file0" [pid 5080] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6535 attached [pid 6531] <... chdir resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6535 [pid 6535] set_robust_list(0x555556d3f660, 24 [pid 6531] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6535] <... set_robust_list resumed>) = 0 [pid 6531] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6535] chdir("./286" [pid 6531] exit_group(0 [pid 5080] newfstatat(AT_FDCWD, "./284/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6535] <... chdir resumed>) = 0 [pid 5080] umount2("./284/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6535] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6533] <... write resumed>) = 2097152 [pid 6531] <... exit_group resumed>) = ? [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6535] <... prctl resumed>) = 0 [pid 6533] munmap(0x7f3feae00000, 138412032 [pid 6535] setpgid(0, 0) = 0 [pid 6531] +++ exited with 0 +++ [pid 6535] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6534] <... write resumed>) = 2097152 [pid 6533] <... munmap resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./284/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6531, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6535] <... openat resumed>) = 3 [pid 6534] munmap(0x7f3feae00000, 138412032 [pid 6533] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... openat resumed>) = 4 [pid 6535] write(3, "1000", 4 [pid 6533] <... openat resumed>) = 4 [pid 6535] <... write resumed>) = 4 [pid 6533] ioctl(4, LOOP_SET_FD, 3 [pid 5080] newfstatat(4, "", [pid 6535] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6535] <... close resumed>) = 0 [pid 6534] <... munmap resumed>) = 0 [pid 6533] <... ioctl resumed>) = 0 [pid 5079] umount2("./286", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6533] close(3 [pid 6535] symlink("/dev/binderfs", "./binderfs" [pid 6534] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6533] <... close resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6535] <... symlink resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6534] <... openat resumed>) = 4 [pid 5080] close(4 [pid 5079] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6533] close(4 [pid 6535] memfd_create("syzkaller", 0 [pid 6534] ioctl(4, LOOP_SET_FD, 3 [pid 6533] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 6533] mkdir("./file0", 0777) = 0 [pid 6535] <... memfd_create resumed>) = 3 [pid 6534] <... ioctl resumed>) = 0 [pid 6533] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] rmdir("./284/file0" [pid 5079] newfstatat(3, "", [pid 6535] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6534] close(3) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6535] <... mmap resumed>) = 0x7f3feae00000 [pid 6534] close(4) = 0 [pid 6534] mkdir("./file0", 0777) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] getdents64(3, [pid 6534] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] getdents64(3, [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [ 284.671734][ T6533] loop1: detected capacity change from 0 to 4096 [ 284.692354][ T6534] loop2: detected capacity change from 0 to 4096 [ 284.709972][ T6533] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5079] umount2("./286/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./286/binderfs", [pid 5080] rmdir("./284" [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./286/binderfs" [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5080] mkdir("./285", 0777 [pid 5079] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6533] <... mount resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./286/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6533] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6533] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "./286/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6533] chdir("./file0" [pid 5079] <... openat resumed>) = 4 [pid 6533] <... chdir resumed>) = 0 [pid 6533] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] newfstatat(4, "", [pid 6533] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6533] exit_group(0 [pid 5079] getdents64(4, [pid 6533] <... exit_group resumed>) = ? [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./286/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6535] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6533] +++ exited with 0 +++ [ 284.735583][ T6534] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5079] close(3) = 0 [pid 5079] rmdir("./286") = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6533, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5077] umount2("./288", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] mkdir("./287", 0777 [pid 5077] openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./288/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] newfstatat(AT_FDCWD, "./288/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./288/binderfs") = 0 [pid 5077] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 6535] <... write resumed>) = 2097152 [pid 5077] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6535] munmap(0x7f3feae00000, 138412032 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./288/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] close(3 [pid 5077] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6536 attached [pid 6536] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6536 [pid 6536] <... set_robust_list resumed>) = 0 [pid 6536] chdir("./285") = 0 [pid 6536] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6536] setpgid(0, 0) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6534] <... mount resumed>) = 0 [pid 6536] <... openat resumed>) = 3 [pid 6536] write(3, "1000", 4) = 4 [pid 6536] close(3) = 0 [pid 6535] <... munmap resumed>) = 0 [pid 6534] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] openat(AT_FDCWD, "./288/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6536] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] <... openat resumed>) = 4 [pid 6535] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6534] <... openat resumed>) = 3 [pid 5077] newfstatat(4, "", [pid 6534] chdir("./file0" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6536] memfd_create("syzkaller", 0 [pid 6535] <... openat resumed>) = 4 [pid 5077] getdents64(4, [pid 6535] ioctl(4, LOOP_SET_FD, 3 [pid 6534] <... chdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6536] <... memfd_create resumed>) = 3 [pid 6536] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6535] <... ioctl resumed>) = 0 [pid 6534] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] <... ioctl resumed>) = 0 [pid 5077] getdents64(4, [pid 6535] close(3 [pid 6534] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6534] exit_group(0 [pid 5079] close(3 [pid 5077] close(4 [pid 6535] <... close resumed>) = 0 [pid 6534] <... exit_group resumed>) = ? [pid 5079] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6535] close(4 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] rmdir("./288/file0") = 0 [pid 5077] getdents64(3, [pid 6535] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6535] mkdir("./file0", 0777 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6537 [pid 6535] <... mkdir resumed>) = 0 [pid 5077] close(3./strace-static-x86_64: Process 6537 attached ) = 0 [pid 6537] set_robust_list(0x555556d3f660, 24 [pid 5077] rmdir("./288" [pid 6537] <... set_robust_list resumed>) = 0 [pid 6537] chdir("./287" [pid 6535] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5077] <... rmdir resumed>) = 0 [pid 6537] <... chdir resumed>) = 0 [pid 6534] +++ exited with 0 +++ [pid 6537] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6534, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5077] mkdir("./289", 0777 [pid 5078] umount2("./289", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6537] <... prctl resumed>) = 0 [pid 5078] umount2("./289/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6537] setpgid(0, 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6537] <... setpgid resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./289/binderfs", [pid 6537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6537] <... openat resumed>) = 3 [pid 5078] unlink("./289/binderfs" [pid 5077] <... mkdir resumed>) = 0 [pid 6537] write(3, "1000", 4 [pid 5078] <... unlink resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6537] <... write resumed>) = 4 [pid 5078] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 6537] close(3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6537] <... close resumed>) = 0 [pid 6537] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 6537] memfd_create("syzkaller", 0 [ 284.899310][ T6535] loop0: detected capacity change from 0 to 4096 [ 284.937869][ T6535] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5078] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6537] <... memfd_create resumed>) = 3 [pid 6537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] newfstatat(AT_FDCWD, "./289/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./289/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6535] <... mount resumed>) = 0 [pid 6535] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... openat resumed>) = 4 [pid 5078] newfstatat(4, "", [pid 6535] <... openat resumed>) = 3 [pid 6535] chdir("./file0") = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6535] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5078] getdents64(4, [pid 6535] exit_group(0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6535] <... exit_group resumed>) = ? [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./289/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./289") = 0 [pid 5078] mkdir("./290", 0777 [pid 6536] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6535] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6535, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] umount2("./286", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./286/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] newfstatat(AT_FDCWD, "./286/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./286/binderfs") = 0 [pid 5076] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6538 attached [pid 6537] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... umount2 resumed>) = 0 [pid 6538] set_robust_list(0x555556d3f660, 24 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6538 [pid 6538] <... set_robust_list resumed>) = 0 [pid 5076] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./286/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6538] chdir("./289" [pid 5076] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./286/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6538] <... chdir resumed>) = 0 [pid 6536] <... write resumed>) = 2097152 [pid 5076] close(4 [pid 6538] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./286/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 6538] <... prctl resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6538] setpgid(0, 0 [pid 5076] rmdir("./286" [pid 6538] <... setpgid resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6538] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] mkdir("./287", 0777) = 0 [pid 6538] <... openat resumed>) = 3 [pid 6538] write(3, "1000", 4) = 4 [pid 6538] close(3) = 0 [pid 6537] <... write resumed>) = 2097152 [pid 6536] munmap(0x7f3feae00000, 138412032 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6538] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... openat resumed>) = 3 [pid 6538] <... symlink resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6537] munmap(0x7f3feae00000, 138412032 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 6538] memfd_create("syzkaller", 0 [pid 6536] <... munmap resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6536] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6538] <... memfd_create resumed>) = 3 [pid 6537] <... munmap resumed>) = 0 [pid 6536] <... openat resumed>) = 4 [pid 6538] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6536] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 6539 attached [pid 6539] set_robust_list(0x555556d3f660, 24 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6539 [pid 6539] <... set_robust_list resumed>) = 0 [pid 6539] chdir("./290") = 0 [pid 6539] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6539] setpgid(0, 0 [pid 6538] <... mmap resumed>) = 0x7f3feae00000 [pid 6539] <... setpgid resumed>) = 0 [pid 6539] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6537] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6539] write(3, "1000", 4 [pid 6537] <... openat resumed>) = 4 [pid 6539] <... write resumed>) = 4 [pid 6537] ioctl(4, LOOP_SET_FD, 3 [pid 6539] close(3) = 0 [pid 6539] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6539] memfd_create("syzkaller", 0 [pid 6537] <... ioctl resumed>) = 0 [pid 6536] <... ioctl resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6539] <... memfd_create resumed>) = 3 [pid 6539] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] close(3 [pid 6539] <... mmap resumed>) = 0x7f3feae00000 [pid 6537] close(3 [pid 6536] close(3 [pid 5076] <... close resumed>) = 0 [pid 6537] <... close resumed>) = 0 [pid 6536] <... close resumed>) = 0 [pid 6537] close(4 [pid 6536] close(4 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6537] <... close resumed>) = 0 [pid 6536] <... close resumed>) = 0 [pid 6537] mkdir("./file0", 0777 [ 285.157102][ T6536] loop4: detected capacity change from 0 to 4096 [ 285.173935][ T6537] loop3: detected capacity change from 0 to 4096 [pid 6536] mkdir("./file0", 0777 [pid 6537] <... mkdir resumed>) = 0 [pid 6536] <... mkdir resumed>) = 0 [pid 6537] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6536] mount("/dev/loop4", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 6540 attached [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6540 [pid 6540] set_robust_list(0x555556d3f660, 24) = 0 [pid 6540] chdir("./287") = 0 [pid 6540] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6540] setpgid(0, 0) = 0 [pid 6540] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6540] write(3, "1000", 4) = 4 [pid 6540] close(3) = 0 [pid 6540] symlink("/dev/binderfs", "./binderfs") = 0 [ 285.219881][ T6537] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 285.249222][ T6536] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6538] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6540] memfd_create("syzkaller", 0) = 3 [pid 6540] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6536] <... mount resumed>) = 0 [pid 6536] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6536] chdir("./file0" [pid 6539] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6536] <... chdir resumed>) = 0 [pid 6536] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6540] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6536] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6536] exit_group(0) = ? [pid 6538] <... write resumed>) = 2097152 [pid 6536] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6536, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 6538] munmap(0x7f3feae00000, 138412032) = 0 [pid 5080] umount2("./285", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6537] <... mount resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6537] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6538] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6537] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", [pid 6538] <... openat resumed>) = 4 [pid 6537] chdir("./file0" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6538] ioctl(4, LOOP_SET_FD, 3 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./285/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6540] <... write resumed>) = 2097152 [pid 6538] <... ioctl resumed>) = 0 [pid 6537] <... chdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6540] munmap(0x7f3feae00000, 138412032 [pid 6539] <... write resumed>) = 2097152 [pid 6537] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] newfstatat(AT_FDCWD, "./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./285/binderfs") = 0 [pid 5080] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6540] <... munmap resumed>) = 0 [pid 6539] munmap(0x7f3feae00000, 138412032 [pid 6540] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6538] close(3 [pid 6537] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... umount2 resumed>) = 0 [pid 6540] <... openat resumed>) = 4 [pid 6538] <... close resumed>) = 0 [pid 6537] exit_group(0 [pid 6540] ioctl(4, LOOP_SET_FD, 3 [pid 6538] close(4 [pid 6537] <... exit_group resumed>) = ? [pid 5080] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./285/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6538] <... close resumed>) = 0 [pid 5080] umount2("./285/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6538] mkdir("./file0", 0777 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./285/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6540] <... ioctl resumed>) = 0 [pid 6539] <... munmap resumed>) = 0 [pid 6538] <... mkdir resumed>) = 0 [pid 6537] +++ exited with 0 +++ [pid 5080] getdents64(4, [pid 6540] close(3 [pid 6539] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6537, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=9 /* 0.09 s */} --- [pid 6540] <... close resumed>) = 0 [pid 6540] close(4 [pid 6539] <... openat resumed>) = 4 [ 285.409579][ T6538] loop1: detected capacity change from 0 to 4096 [ 285.436190][ T6540] loop0: detected capacity change from 0 to 4096 [ 285.452482][ T6539] loop2: detected capacity change from 0 to 4096 [pid 6540] <... close resumed>) = 0 [pid 6539] ioctl(4, LOOP_SET_FD, 3 [pid 6538] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5079] umount2("./287", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6540] mkdir("./file0", 0777 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6540] <... mkdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 6540] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./287/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./287/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./287/binderfs") = 0 [pid 5079] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./287/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./287/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 6539] <... ioctl resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] rmdir("./287/file0" [pid 6539] close(3 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6539] <... close resumed>) = 0 [pid 6539] close(4 [pid 5079] getdents64(3, [pid 6539] <... close resumed>) = 0 [pid 5080] close(4 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6539] mkdir("./file0", 0777 [pid 5080] <... close resumed>) = 0 [pid 5079] close(3 [ 285.461130][ T6540] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 285.471962][ T6538] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5080] rmdir("./285/file0" [pid 6539] <... mkdir resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./287" [pid 6539] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] getdents64(3, [pid 5079] <... rmdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./285") = 0 [pid 5079] mkdir("./288", 0777) = 0 [pid 5080] mkdir("./286", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... openat resumed>) = 3 [pid 6540] <... mount resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] <... openat resumed>) = 3 [pid 6540] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6540] <... openat resumed>) = 3 [pid 6540] chdir("./file0") = 0 [pid 6540] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6540] exit_group(0) = ? [pid 6540] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6540, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./287", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./287/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./287/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./287/binderfs") = 0 [pid 5076] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5076] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./287/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./287/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6538] <... mount resumed>) = 0 [ 285.541412][ T6539] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6539] <... mount resumed>) = 0 [pid 6538] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6539] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... openat resumed>) = 4 [pid 6539] <... openat resumed>) = 3 [pid 6538] <... openat resumed>) = 3 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 6539] chdir("./file0" [pid 6538] chdir("./file0" [pid 6539] <... chdir resumed>) = 0 [pid 6539] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6538] <... chdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 6539] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6538] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./287/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./287") = 0 [pid 5076] mkdir("./288", 0777) = 0 [pid 6539] exit_group(0 [pid 6538] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... ioctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6539] <... exit_group resumed>) = ? [pid 6538] exit_group(0 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6539] +++ exited with 0 +++ [pid 6538] <... exit_group resumed>) = ? [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6539, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5078] umount2("./290", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./290", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6538] +++ exited with 0 +++ [pid 5080] <... ioctl resumed>) = 0 [pid 5079] close(3 [pid 5078] getdents64(3, [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6538, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=9 /* 0.09 s */} --- [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./289", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./290/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6541 attached [pid 5078] newfstatat(AT_FDCWD, "./290/binderfs", [pid 5077] <... openat resumed>) = 3 [pid 6541] set_robust_list(0x555556d3f660, 24 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] newfstatat(3, "", [pid 5078] unlink("./290/binderfs" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5077] getdents64(3, [pid 6541] <... set_robust_list resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6541 [pid 5078] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6541] chdir("./288" [pid 5077] umount2("./289/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6541] <... chdir resumed>) = 0 [pid 5080] close(3 [pid 5078] <... umount2 resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] newfstatat(AT_FDCWD, "./289/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./289/binderfs" [pid 6541] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... unlink resumed>) = 0 [pid 5078] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./290/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./290/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6542 attached [pid 6541] <... prctl resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 6542] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6542 [pid 6542] <... set_robust_list resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 6542] chdir("./286" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6541] setpgid(0, 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6541] <... setpgid resumed>) = 0 [pid 6542] <... chdir resumed>) = 0 [pid 5078] getdents64(4, [pid 6542] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6542] <... prctl resumed>) = 0 [pid 6542] setpgid(0, 0 [pid 5078] getdents64(4, [pid 6541] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6542] <... setpgid resumed>) = 0 [pid 6541] <... openat resumed>) = 3 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6541] write(3, "1000", 4 [pid 6542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6541] <... write resumed>) = 4 [pid 5078] close(4 [pid 5077] newfstatat(AT_FDCWD, "./289/file0", [pid 6541] close(3 [pid 5078] <... close resumed>) = 0 [pid 6542] <... openat resumed>) = 3 [pid 6541] <... close resumed>) = 0 [pid 5078] rmdir("./290/file0" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6542] write(3, "1000", 4 [pid 6541] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... rmdir resumed>) = 0 [pid 5077] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6542] <... write resumed>) = 4 [pid 5078] getdents64(3, [pid 6542] close(3 [pid 6541] <... symlink resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6542] <... close resumed>) = 0 [pid 5078] close(3 [pid 6542] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... close resumed>) = 0 [pid 6542] <... symlink resumed>) = 0 [pid 5078] rmdir("./290" [pid 5077] openat(AT_FDCWD, "./289/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6542] memfd_create("syzkaller", 0 [pid 6541] memfd_create("syzkaller", 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6541] <... memfd_create resumed>) = 3 [pid 5077] <... openat resumed>) = 4 [pid 6541] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] newfstatat(4, "", [pid 6541] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] mkdir("./291", 0777 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6542] <... memfd_create resumed>) = 3 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] getdents64(4, [pid 6542] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... openat resumed>) = 3 [pid 6542] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... ioctl resumed>) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./289/file0") = 0 [pid 5077] getdents64(3, [pid 5076] close(3) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] close(3) = 0 ./strace-static-x86_64: Process 6543 attached [pid 6543] set_robust_list(0x555556d3f660, 24 [pid 5077] rmdir("./289" [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6543 [pid 6543] <... set_robust_list resumed>) = 0 [pid 6543] chdir("./288" [pid 5077] <... rmdir resumed>) = 0 [pid 6543] <... chdir resumed>) = 0 [pid 6543] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] mkdir("./290", 0777 [pid 6543] setpgid(0, 0) = 0 [pid 6543] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... mkdir resumed>) = 0 [pid 6543] <... openat resumed>) = 3 [pid 6543] write(3, "1000", 4) = 4 [pid 6543] close(3) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6543] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6543] memfd_create("syzkaller", 0) = 3 [pid 6541] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... ioctl resumed>) = 0 [pid 6543] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6542] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6544 attached [pid 6541] <... write resumed>) = 2097152 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6544 [pid 6544] set_robust_list(0x555556d3f660, 24) = 0 [pid 6544] chdir("./291") = 0 [pid 6541] munmap(0x7f3feae00000, 138412032 [pid 6544] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6541] <... munmap resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6544] setpgid(0, 0 [pid 5077] close(3 [pid 6544] <... setpgid resumed>) = 0 [pid 6543] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6544] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6542] <... write resumed>) = 2097152 [pid 6541] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6545 ./strace-static-x86_64: Process 6545 attached [pid 6544] <... openat resumed>) = 3 [pid 6541] <... openat resumed>) = 4 [pid 6541] ioctl(4, LOOP_SET_FD, 3 [pid 6545] set_robust_list(0x555556d3f660, 24) = 0 [pid 6545] chdir("./290") = 0 [pid 6545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6545] setpgid(0, 0) = 0 [pid 6545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6545] write(3, "1000", 4) = 4 [pid 6542] munmap(0x7f3feae00000, 138412032 [pid 6545] close(3 [pid 6544] write(3, "1000", 4 [pid 6541] <... ioctl resumed>) = 0 [pid 6545] <... close resumed>) = 0 [pid 6544] <... write resumed>) = 4 [pid 6541] close(3 [pid 6544] close(3) = 0 [pid 6545] symlink("/dev/binderfs", "./binderfs" [pid 6544] symlink("/dev/binderfs", "./binderfs" [pid 6542] <... munmap resumed>) = 0 [pid 6545] <... symlink resumed>) = 0 [pid 6541] <... close resumed>) = 0 [pid 6545] memfd_create("syzkaller", 0 [pid 6544] <... symlink resumed>) = 0 [pid 6541] close(4 [ 285.925617][ T6541] loop3: detected capacity change from 0 to 4096 [pid 6542] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6545] <... memfd_create resumed>) = 3 [pid 6542] <... openat resumed>) = 4 [pid 6541] <... close resumed>) = 0 [pid 6544] memfd_create("syzkaller", 0) = 3 [pid 6544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6545] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6544] <... mmap resumed>) = 0x7f3feae00000 [pid 6545] <... mmap resumed>) = 0x7f3feae00000 [pid 6542] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6541] mkdir("./file0", 0777 [pid 6543] <... write resumed>) = 2097152 [pid 6541] <... mkdir resumed>) = 0 [pid 6542] close(3 [pid 6543] munmap(0x7f3feae00000, 138412032 [pid 6541] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6543] <... munmap resumed>) = 0 [pid 6542] <... close resumed>) = 0 [pid 6542] close(4) = 0 [pid 6542] mkdir("./file0", 0777) = 0 [ 285.970031][ T6542] loop4: detected capacity change from 0 to 4096 [ 286.004845][ T6541] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6542] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6543] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6543] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6545] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6543] close(3 [pid 6544] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6543] <... close resumed>) = 0 [pid 6543] close(4) = 0 [pid 6543] mkdir("./file0", 0777) = 0 [ 286.011360][ T6542] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 286.029518][ T6543] loop0: detected capacity change from 0 to 4096 [pid 6543] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6542] <... mount resumed>) = 0 [pid 6542] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6542] chdir("./file0") = 0 [ 286.070305][ T6543] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6542] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6542] exit_group(0) = ? [pid 6542] +++ exited with 0 +++ [pid 6544] <... write resumed>) = 2097152 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6542, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6544] munmap(0x7f3feae00000, 138412032 [pid 6543] <... mount resumed>) = 0 [pid 6543] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] umount2("./286", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6543] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6543] chdir("./file0" [pid 5080] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6543] <... chdir resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 6543] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] newfstatat(3, "", [pid 6543] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6543] exit_group(0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6543] <... exit_group resumed>) = ? [pid 6541] <... mount resumed>) = 0 [pid 5080] umount2("./286/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6543] +++ exited with 0 +++ [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6545] <... write resumed>) = 2097152 [pid 6544] <... munmap resumed>) = 0 [pid 6541] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] newfstatat(AT_FDCWD, "./286/binderfs", [pid 6544] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6543, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6541] <... openat resumed>) = 3 [pid 5076] umount2("./288", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6544] <... openat resumed>) = 4 [pid 6541] chdir("./file0" [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6544] ioctl(4, LOOP_SET_FD, 3 [pid 6541] <... chdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] unlink("./286/binderfs" [pid 5076] <... openat resumed>) = 3 [pid 6541] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 6541] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... unlink resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6545] munmap(0x7f3feae00000, 138412032 [pid 6544] <... ioctl resumed>) = 0 [pid 6541] exit_group(0 [pid 5080] <... umount2 resumed>) = 0 [pid 5076] umount2("./288/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6544] close(3 [pid 6541] <... exit_group resumed>) = ? [pid 6544] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./286/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6545] <... munmap resumed>) = 0 [pid 6544] close(4 [pid 6541] +++ exited with 0 +++ [pid 5080] umount2("./286/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./288/binderfs", [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6541, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6545] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6545] <... openat resumed>) = 4 [pid 6544] <... close resumed>) = 0 [ 286.183608][ T6544] loop2: detected capacity change from 0 to 4096 [pid 6545] ioctl(4, LOOP_SET_FD, 3 [pid 6544] mkdir("./file0", 0777 [pid 5080] openat(AT_FDCWD, "./286/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] umount2("./288", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] unlink("./288/binderfs" [pid 6544] <... mkdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... unlink resumed>) = 0 [pid 6544] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 6545] <... ioctl resumed>) = 0 [pid 5080] <... openat resumed>) = 4 [pid 6545] close(3 [pid 5080] newfstatat(4, "", [pid 6545] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6545] close(4 [pid 5080] getdents64(4, [pid 6545] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6545] mkdir("./file0", 0777 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 6545] <... mkdir resumed>) = 0 [pid 5080] close(4 [pid 5076] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./286/file0" [pid 5079] newfstatat(3, "", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6545] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] getdents64(3, [pid 5076] newfstatat(AT_FDCWD, "./288/file0", [pid 5079] getdents64(3, [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] close(3 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./288/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] umount2("./288/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 4 [pid 5079] newfstatat(AT_FDCWD, "./288/binderfs", [pid 5076] newfstatat(4, "", [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] unlink("./288/binderfs" [pid 5076] getdents64(4, [pid 5080] rmdir("./286" [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... unlink resumed>) = 0 [pid 5076] getdents64(4, [pid 5079] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5076] close(4 [pid 5080] mkdir("./287", 0777 [pid 5076] <... close resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5076] rmdir("./288/file0" [pid 5079] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./288/file0", [pid 5076] getdents64(3, [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 5080] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./288" [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] mkdir("./289", 0777) = 0 [pid 5079] openat(AT_FDCWD, "./288/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] newfstatat(4, "", [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 286.228922][ T6545] loop1: detected capacity change from 0 to 4096 [ 286.240309][ T6544] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 286.263254][ T6545] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, [pid 6545] <... mount resumed>) = 0 [pid 6545] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6545] <... openat resumed>) = 3 [pid 5079] close(4 [pid 6545] chdir("./file0" [pid 6544] <... mount resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./288/file0" [pid 6545] <... chdir resumed>) = 0 [pid 6545] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... rmdir resumed>) = 0 [pid 6544] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6545] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6545] exit_group(0) = ? [pid 6545] +++ exited with 0 +++ [pid 6544] <... openat resumed>) = 3 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6545, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=10 /* 0.10 s */} --- [pid 5079] close(3 [pid 6544] chdir("./file0" [pid 5079] <... close resumed>) = 0 [pid 6544] <... chdir resumed>) = 0 [pid 5079] rmdir("./288" [pid 6544] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6544] exit_group(0) = ? [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6544] +++ exited with 0 +++ [pid 5079] mkdir("./289", 0777 [pid 5077] umount2("./290", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6544, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6546 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./290", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6546 attached [pid 5078] umount2("./291", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 6546] set_robust_list(0x555556d3f660, 24 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(3, "", [pid 5076] <... ioctl resumed>) = 0 [pid 6546] <... set_robust_list resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./291", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6546] chdir("./287" [pid 5079] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3 [pid 6546] <... chdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] getdents64(3, [pid 6546] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] newfstatat(3, "", [pid 5076] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./290/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6546] <... prctl resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./290/binderfs", [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6547 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6546] setpgid(0, 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./291/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6547 attached [pid 6546] <... setpgid resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] unlink("./290/binderfs" [pid 6547] set_robust_list(0x555556d3f660, 24 [pid 6546] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] newfstatat(AT_FDCWD, "./291/binderfs", [pid 6547] <... set_robust_list resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 6547] chdir("./289" [pid 6546] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6547] <... chdir resumed>) = 0 [pid 6547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6546] write(3, "1000", 4 [pid 5078] unlink("./291/binderfs" [pid 5077] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6547] setpgid(0, 0 [pid 6546] <... write resumed>) = 4 [pid 6547] <... setpgid resumed>) = 0 [pid 6546] close(3 [pid 5078] <... unlink resumed>) = 0 [pid 6547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6546] <... close resumed>) = 0 [pid 6547] <... openat resumed>) = 3 [pid 6546] symlink("/dev/binderfs", "./binderfs" [pid 5078] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = 0 [pid 6547] write(3, "1000", 4 [pid 6546] <... symlink resumed>) = 0 [pid 6547] <... write resumed>) = 4 [pid 6546] memfd_create("syzkaller", 0 [pid 5077] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6547] close(3 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./290/file0", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6547] <... close resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./291/file0", [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6547] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6547] <... symlink resumed>) = 0 [pid 6546] <... memfd_create resumed>) = 3 [pid 5078] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6547] memfd_create("syzkaller", 0 [pid 6546] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] openat(AT_FDCWD, "./290/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./291/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... openat resumed>) = 4 [pid 6547] <... memfd_create resumed>) = 3 [pid 5078] <... openat resumed>) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] getdents64(4, [pid 6547] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] newfstatat(4, "", [pid 5078] getdents64(4, [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./290/file0") = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 5078] rmdir("./291/file0" [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] close(3 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... close resumed>) = 0 [pid 5078] close(3 [pid 5077] rmdir("./290" [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./291" [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] mkdir("./291", 0777) = 0 [pid 5078] mkdir("./292", 0777 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] close(3 [pid 5078] <... openat resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6548 ./strace-static-x86_64: Process 6548 attached [pid 6547] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6546] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6548] set_robust_list(0x555556d3f660, 24) = 0 [pid 6548] chdir("./289") = 0 [pid 6548] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6548] setpgid(0, 0) = 0 [pid 6548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6548] write(3, "1000", 4) = 4 [pid 6548] close(3) = 0 [pid 6548] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6548] memfd_create("syzkaller", 0) = 3 [pid 6548] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6547] <... write resumed>) = 2097152 [pid 6546] <... write resumed>) = 2097152 [pid 6547] munmap(0x7f3feae00000, 138412032 [pid 6546] munmap(0x7f3feae00000, 138412032 [pid 6547] <... munmap resumed>) = 0 [pid 6546] <... munmap resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6547] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6546] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6546] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] close(3 [pid 5078] close(3 [pid 5077] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6550 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6549 ./strace-static-x86_64: Process 6549 attached [pid 6547] close(3./strace-static-x86_64: Process 6550 attached [pid 6549] set_robust_list(0x555556d3f660, 24 [pid 6547] <... close resumed>) = 0 [pid 6547] close(4 [pid 6549] <... set_robust_list resumed>) = 0 [pid 6550] set_robust_list(0x555556d3f660, 24 [pid 6547] <... close resumed>) = 0 [pid 6549] chdir("./291" [pid 6547] mkdir("./file0", 0777 [pid 6546] <... ioctl resumed>) = 0 [pid 6549] <... chdir resumed>) = 0 [pid 6550] <... set_robust_list resumed>) = 0 [pid 6547] <... mkdir resumed>) = 0 [pid 6546] close(3 [pid 6549] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6549] setpgid(0, 0) = 0 [pid 6550] chdir("./292" [pid 6546] <... close resumed>) = 0 [pid 6549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6550] <... chdir resumed>) = 0 [pid 6547] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6546] close(4 [pid 6550] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6546] <... close resumed>) = 0 [ 286.629516][ T6547] loop0: detected capacity change from 0 to 4096 [ 286.641912][ T6546] loop4: detected capacity change from 0 to 4096 [pid 6549] <... openat resumed>) = 3 [pid 6550] <... prctl resumed>) = 0 [pid 6546] mkdir("./file0", 0777 [pid 6549] write(3, "1000", 4) = 4 [pid 6549] close(3 [pid 6550] setpgid(0, 0 [pid 6549] <... close resumed>) = 0 [pid 6550] <... setpgid resumed>) = 0 [pid 6549] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6546] <... mkdir resumed>) = 0 [pid 6549] memfd_create("syzkaller", 0 [pid 6550] <... openat resumed>) = 3 [pid 6550] write(3, "1000", 4 [pid 6546] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6550] <... write resumed>) = 4 [pid 6548] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6550] close(3 [pid 6549] <... memfd_create resumed>) = 3 [pid 6550] <... close resumed>) = 0 [pid 6550] symlink("/dev/binderfs", "./binderfs" [pid 6549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6550] <... symlink resumed>) = 0 [pid 6550] memfd_create("syzkaller", 0) = 3 [pid 6550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [ 286.673167][ T6547] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 286.692859][ T6546] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6547] <... mount resumed>) = 0 [pid 6547] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6547] chdir("./file0") = 0 [pid 6547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6547] exit_group(0) = ? [pid 6548] <... write resumed>) = 2097152 [pid 6547] +++ exited with 0 +++ [pid 6546] <... mount resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6547, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 6546] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6546] chdir("./file0") = 0 [pid 6546] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6546] exit_group(0) = ? [pid 5076] umount2("./289", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6546] +++ exited with 0 +++ [pid 5076] openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6546, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5076] <... openat resumed>) = 3 [pid 5080] umount2("./287", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(3, "", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] umount2("./287/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./287/binderfs", [pid 5076] getdents64(3, [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./287/binderfs" [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] <... unlink resumed>) = 0 [pid 5076] umount2("./289/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6548] munmap(0x7f3feae00000, 138412032 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./289/binderfs", [pid 5080] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6549] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] newfstatat(AT_FDCWD, "./287/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./289/binderfs" [pid 5080] umount2("./287/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... unlink resumed>) = 0 [pid 6550] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./287/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6548] <... munmap resumed>) = 0 [pid 5080] getdents64(4, [pid 5076] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... umount2 resumed>) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5076] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] rmdir("./287/file0" [pid 5076] newfstatat(AT_FDCWD, "./289/file0", [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6548] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6548] <... openat resumed>) = 4 [pid 5080] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6548] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./287" [pid 5076] openat(AT_FDCWD, "./289/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 6548] <... ioctl resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6548] close(3) = 0 [pid 5080] mkdir("./288", 0777 [pid 6548] close(4 [pid 5076] getdents64(4, [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6548] <... close resumed>) = 0 [pid 6548] mkdir("./file0", 0777 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] getdents64(4, [pid 6548] <... mkdir resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] close(4 [pid 5080] <... ioctl resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5080] close(3 [pid 6548] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... close resumed>) = 0 [pid 5076] rmdir("./289/file0" [pid 6549] <... write resumed>) = 2097152 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... rmdir resumed>) = 0 [pid 6549] munmap(0x7f3feae00000, 138412032 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6551 [pid 5076] close(3./strace-static-x86_64: Process 6551 attached [pid 6551] set_robust_list(0x555556d3f660, 24 [pid 5076] <... close resumed>) = 0 [pid 6551] <... set_robust_list resumed>) = 0 [pid 6551] chdir("./288" [pid 5076] rmdir("./289") = 0 [pid 6551] <... chdir resumed>) = 0 [pid 6551] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6549] <... munmap resumed>) = 0 [pid 6551] <... prctl resumed>) = 0 [pid 6551] setpgid(0, 0) = 0 [pid 6551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6549] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6551] <... openat resumed>) = 3 [pid 6549] ioctl(4, LOOP_SET_FD, 3 [ 286.852363][ T6548] loop3: detected capacity change from 0 to 4096 [ 286.880940][ T6548] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5076] mkdir("./290", 0777 [pid 6549] <... ioctl resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 6551] write(3, "1000", 4 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6551] <... write resumed>) = 4 [pid 6551] close(3) = 0 [pid 6551] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6551] memfd_create("syzkaller", 0) = 3 [pid 6551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6550] <... write resumed>) = 2097152 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6549] close(3 [pid 6550] munmap(0x7f3feae00000, 138412032 [pid 6549] <... close resumed>) = 0 [pid 6549] close(4) = 0 [pid 6550] <... munmap resumed>) = 0 [ 286.921613][ T6549] loop1: detected capacity change from 0 to 4096 [pid 6549] mkdir("./file0", 0777) = 0 [pid 6549] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6550] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6550] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6550] close(3) = 0 [ 286.968720][ T6549] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 286.999271][ T6550] loop2: detected capacity change from 0 to 4096 [pid 6550] close(4) = 0 [pid 6550] mkdir("./file0", 0777) = 0 [pid 6550] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6548] <... mount resumed>) = 0 [pid 6548] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5076] <... ioctl resumed>) = 0 [pid 6548] chdir("./file0" [pid 5076] close(3) = 0 [pid 6548] <... chdir resumed>) = 0 [ 287.013240][ T6550] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6548] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6552 attached [pid 6548] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6552] set_robust_list(0x555556d3f660, 24 [pid 6548] exit_group(0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6552 [pid 6552] <... set_robust_list resumed>) = 0 [pid 6552] chdir("./290") = 0 [pid 6551] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6548] <... exit_group resumed>) = ? [pid 6552] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6549] <... mount resumed>) = 0 [pid 6548] +++ exited with 0 +++ [pid 6552] setpgid(0, 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6548, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 6552] <... setpgid resumed>) = 0 [pid 6549] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6549] <... openat resumed>) = 3 [pid 6552] <... openat resumed>) = 3 [pid 6552] write(3, "1000", 4 [pid 5079] umount2("./289", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6552] <... write resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6552] close(3) = 0 [pid 6549] chdir("./file0" [pid 5079] <... openat resumed>) = 3 [pid 6549] <... chdir resumed>) = 0 [pid 6552] symlink("/dev/binderfs", "./binderfs" [pid 5079] newfstatat(3, "", [pid 6552] <... symlink resumed>) = 0 [pid 6549] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6550] <... mount resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6549] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] getdents64(3, [pid 6549] exit_group(0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6549] <... exit_group resumed>) = ? [pid 5079] umount2("./289/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./289/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6550] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] unlink("./289/binderfs" [pid 6550] chdir("./file0") = 0 [pid 5079] <... unlink resumed>) = 0 [pid 6550] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6552] memfd_create("syzkaller", 0 [pid 6549] +++ exited with 0 +++ [pid 6550] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6552] <... memfd_create resumed>) = 3 [pid 6550] exit_group(0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6549, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6550] <... exit_group resumed>) = ? [pid 6552] <... mmap resumed>) = 0x7f3feae00000 [pid 6550] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6550, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5077] umount2("./291", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./291", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] umount2("./292", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 3 [pid 5079] newfstatat(AT_FDCWD, "./289/file0", [pid 5078] openat(AT_FDCWD, "./292", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] newfstatat(3, "", [pid 5078] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./289/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(3, "", [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./291/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(4, "", [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] newfstatat(AT_FDCWD, "./291/binderfs", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] umount2("./292/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] unlink("./291/binderfs" [pid 5079] getdents64(4, [pid 5078] newfstatat(AT_FDCWD, "./292/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] unlink("./292/binderfs" [pid 5077] <... unlink resumed>) = 0 [pid 5079] getdents64(4, [pid 6551] <... write resumed>) = 2097152 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5077] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] close(4) = 0 [pid 6551] munmap(0x7f3feae00000, 138412032 [pid 5079] rmdir("./289/file0") = 0 [pid 5078] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = 0 [pid 5079] getdents64(3, [pid 5077] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6551] <... munmap resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5079] close(3) = 0 [pid 5078] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./291/file0", [pid 5079] rmdir("./289" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6551] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6551] <... openat resumed>) = 4 [pid 5078] newfstatat(AT_FDCWD, "./292/file0", [pid 5077] openat(AT_FDCWD, "./291/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6551] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... openat resumed>) = 4 [pid 5078] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(4, "", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] openat(AT_FDCWD, "./292/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] getdents64(4, [pid 5078] <... openat resumed>) = 4 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] newfstatat(4, "", [pid 5077] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 5078] getdents64(4, [pid 5077] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] rmdir("./291/file0" [pid 5078] getdents64(4, [pid 5077] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5077] getdents64(3, [pid 5078] rmdir("./292/file0" [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./291" [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5078] close(3) = 0 [pid 6552] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6551] <... ioctl resumed>) = 0 [pid 5079] mkdir("./290", 0777 [pid 5077] mkdir("./292", 0777 [pid 6551] close(3 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] rmdir("./292" [pid 5077] <... mkdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6551] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6551] close(4 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6551] <... close resumed>) = 0 [pid 6551] mkdir("./file0", 0777 [pid 5077] <... openat resumed>) = 3 [pid 5078] mkdir("./293", 0777) = 0 [pid 6551] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6552] <... write resumed>) = 2097152 [pid 6551] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 287.198777][ T6551] loop4: detected capacity change from 0 to 4096 [pid 6552] munmap(0x7f3feae00000, 138412032) = 0 [pid 6552] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6552] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6551] <... mount resumed>) = 0 [pid 6552] close(3 [pid 5079] <... ioctl resumed>) = 0 [pid 6552] <... close resumed>) = 0 [pid 6551] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6552] close(4 [pid 6551] <... openat resumed>) = 3 [pid 6552] <... close resumed>) = 0 [pid 6551] chdir("./file0" [pid 6552] mkdir("./file0", 0777 [pid 6551] <... chdir resumed>) = 0 [ 287.248156][ T6551] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 287.270591][ T6552] loop0: detected capacity change from 0 to 4096 [pid 6552] <... mkdir resumed>) = 0 [pid 6551] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] close(3) = 0 [pid 6551] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6552] mount("/dev/loop0", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 6553 attached [pid 6553] set_robust_list(0x555556d3f660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6553 [pid 6553] <... set_robust_list resumed>) = 0 [pid 6553] chdir("./290" [pid 5078] <... ioctl resumed>) = 0 [pid 6553] <... chdir resumed>) = 0 [pid 6553] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6551] exit_group(0) = ? [pid 6551] +++ exited with 0 +++ [pid 5077] <... ioctl resumed>) = 0 [pid 6553] <... prctl resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6551, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6553] setpgid(0, 0) = 0 [pid 6553] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] umount2("./288", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6553] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] close(3 [pid 5080] <... openat resumed>) = 3 [pid 6553] write(3, "1000", 4 [pid 5080] newfstatat(3, "", [pid 5078] <... close resumed>) = 0 [pid 5077] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] getdents64(3, [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6554 [pid 5077] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6553] <... write resumed>) = 4 [pid 5080] umount2("./288/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6554 attached [pid 6553] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./288/binderfs", [pid 6553] <... close resumed>) = 0 [pid 6553] symlink("/dev/binderfs", "./binderfs" [pid 6554] set_robust_list(0x555556d3f660, 24 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6554] <... set_robust_list resumed>) = 0 [pid 6553] <... symlink resumed>) = 0 [ 287.338705][ T6552] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6554] chdir("./293" [pid 5080] unlink("./288/binderfs" [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6555 [pid 6554] <... chdir resumed>) = 0 [pid 6553] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6555 attached [pid 6554] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6553] <... memfd_create resumed>) = 3 [pid 5080] <... unlink resumed>) = 0 [pid 6555] set_robust_list(0x555556d3f660, 24 [pid 6554] <... prctl resumed>) = 0 [pid 6553] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6555] <... set_robust_list resumed>) = 0 [pid 6554] setpgid(0, 0 [pid 6553] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... umount2 resumed>) = 0 [pid 6554] <... setpgid resumed>) = 0 [pid 6555] chdir("./292" [pid 6554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6555] <... chdir resumed>) = 0 [pid 6555] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6555] setpgid(0, 0 [pid 6554] <... openat resumed>) = 3 [pid 5080] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6554] write(3, "1000", 4) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6554] close(3 [pid 5080] newfstatat(AT_FDCWD, "./288/file0", [pid 6554] <... close resumed>) = 0 [pid 6554] symlink("/dev/binderfs", "./binderfs" [pid 6555] <... setpgid resumed>) = 0 [pid 6554] <... symlink resumed>) = 0 [pid 6555] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6555] <... openat resumed>) = 3 [pid 6555] write(3, "1000", 4) = 4 [pid 6555] close(3 [pid 6554] memfd_create("syzkaller", 0 [pid 6552] <... mount resumed>) = 0 [pid 5080] umount2("./288/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6555] <... close resumed>) = 0 [pid 6555] symlink("/dev/binderfs", "./binderfs" [pid 6554] <... memfd_create resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6555] <... symlink resumed>) = 0 [pid 6554] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6552] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] openat(AT_FDCWD, "./288/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6555] memfd_create("syzkaller", 0 [pid 6554] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 6555] <... memfd_create resumed>) = 3 [pid 6552] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6555] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6552] chdir("./file0" [pid 5080] getdents64(4, [pid 6555] <... mmap resumed>) = 0x7f3feae00000 [pid 6552] <... chdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6553] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6552] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5080] getdents64(4, [pid 6552] exit_group(0) = ? [pid 6552] +++ exited with 0 +++ [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6552, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5080] close(4 [pid 5076] umount2("./290", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./290", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] rmdir("./288/file0" [pid 5076] umount2("./290/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6554] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(3, [pid 5076] newfstatat(AT_FDCWD, "./290/binderfs", [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./290/binderfs" [pid 5080] close(3 [pid 5076] <... unlink resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5076] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6553] <... write resumed>) = 2097152 [pid 6555] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6554] <... write resumed>) = 2097152 [pid 5080] rmdir("./288" [pid 6553] munmap(0x7f3feae00000, 138412032 [pid 5076] <... umount2 resumed>) = 0 [pid 6554] munmap(0x7f3feae00000, 138412032 [pid 5076] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6554] <... munmap resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6554] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6553] <... munmap resumed>) = 0 [pid 5080] mkdir("./289", 0777 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6554] <... openat resumed>) = 4 [pid 6553] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] newfstatat(AT_FDCWD, "./290/file0", [pid 6553] <... openat resumed>) = 4 [pid 5080] <... mkdir resumed>) = 0 [pid 6554] ioctl(4, LOOP_SET_FD, 3 [pid 6553] ioctl(4, LOOP_SET_FD, 3 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6555] <... write resumed>) = 2097152 [pid 5080] <... openat resumed>) = 3 [pid 5076] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6555] munmap(0x7f3feae00000, 138412032 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./290/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6555] <... munmap resumed>) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./290/file0" [pid 6555] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6554] <... ioctl resumed>) = 0 [pid 6553] <... ioctl resumed>) = 0 [pid 6553] close(3 [pid 5076] <... rmdir resumed>) = 0 [pid 6554] close(3 [pid 6553] <... close resumed>) = 0 [pid 6553] close(4 [pid 6555] <... openat resumed>) = 4 [pid 6554] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 6555] ioctl(4, LOOP_SET_FD, 3 [pid 6554] close(4 [pid 6553] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6554] <... close resumed>) = 0 [pid 5076] close(3) = 0 [pid 6555] <... ioctl resumed>) = 0 [pid 6554] mkdir("./file0", 0777 [pid 6553] mkdir("./file0", 0777 [pid 5076] rmdir("./290" [pid 6553] <... mkdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6554] <... mkdir resumed>) = 0 [pid 6553] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5076] mkdir("./291", 0777 [pid 6555] close(3 [pid 6554] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6555] <... close resumed>) = 0 [pid 6555] close(4) = 0 [pid 6555] mkdir("./file0", 0777) = 0 [ 287.596043][ T6554] loop2: detected capacity change from 0 to 4096 [ 287.603614][ T6553] loop3: detected capacity change from 0 to 4096 [ 287.616906][ T6555] loop1: detected capacity change from 0 to 4096 [ 287.636981][ T6553] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6555] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5076] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 287.647681][ T6554] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 287.662894][ T6555] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6553] <... mount resumed>) = 0 [pid 6553] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6553] chdir("./file0") = 0 [pid 6553] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6553] exit_group(0) = ? [pid 5080] <... ioctl resumed>) = 0 [pid 6554] <... mount resumed>) = 0 [pid 6553] +++ exited with 0 +++ [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6553, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6556 [pid 5079] umount2("./290", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6554] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "./290", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... ioctl resumed>) = 0 [pid 6554] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5076] close(3 [pid 6554] chdir("./file0" [pid 5076] <... close resumed>) = 0 ./strace-static-x86_64: Process 6556 attached [pid 6555] <... mount resumed>) = 0 [pid 6554] <... chdir resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6554] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6556] set_robust_list(0x555556d3f660, 24 [pid 6555] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6557 attached [pid 6556] <... set_robust_list resumed>) = 0 [pid 6555] <... openat resumed>) = 3 [pid 6554] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] getdents64(3, [pid 6556] chdir("./289" [pid 6555] chdir("./file0" [pid 6554] exit_group(0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6557 [pid 6557] set_robust_list(0x555556d3f660, 24 [pid 6555] <... chdir resumed>) = 0 [pid 6554] <... exit_group resumed>) = ? [pid 5079] umount2("./290/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6557] <... set_robust_list resumed>) = 0 [pid 6555] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6556] <... chdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6556] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6555] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6554] +++ exited with 0 +++ [pid 6557] chdir("./291" [pid 5079] newfstatat(AT_FDCWD, "./290/binderfs", [pid 6557] <... chdir resumed>) = 0 [pid 6556] <... prctl resumed>) = 0 [pid 6555] exit_group(0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6554, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 6557] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6556] setpgid(0, 0 [pid 6555] <... exit_group resumed>) = ? [pid 5079] unlink("./290/binderfs" [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 6557] <... prctl resumed>) = 0 [pid 6556] <... setpgid resumed>) = 0 [pid 6557] setpgid(0, 0 [pid 6556] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... restart_syscall resumed>) = 0 [pid 6557] <... setpgid resumed>) = 0 [pid 6556] <... openat resumed>) = 3 [pid 5079] <... unlink resumed>) = 0 [pid 6557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6556] write(3, "1000", 4 [pid 5079] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6557] <... openat resumed>) = 3 [pid 6557] write(3, "1000", 4 [pid 5078] umount2("./293", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6557] <... write resumed>) = 4 [pid 6557] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6557] <... close resumed>) = 0 [pid 6556] <... write resumed>) = 4 [pid 6555] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./293", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6557] symlink("/dev/binderfs", "./binderfs" [pid 6556] close(3) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6555, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 6556] symlink("/dev/binderfs", "./binderfs" [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 6557] <... symlink resumed>) = 0 [pid 6556] <... symlink resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] <... restart_syscall resumed>) = 0 [pid 6556] memfd_create("syzkaller", 0 [pid 5079] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./290/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./292", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6556] <... memfd_create resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./292", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "./290/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6556] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... openat resumed>) = 4 [pid 5077] <... openat resumed>) = 3 [pid 6556] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(3, "", [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5078] getdents64(3, [pid 6557] memfd_create("syzkaller", 0) = 3 [pid 5079] getdents64(4, [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] umount2("./292/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] umount2("./293/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./292/binderfs", [pid 6557] <... mmap resumed>) = 0x7f3feae00000 [pid 5079] rmdir("./290/file0") = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] unlink("./292/binderfs" [pid 5079] rmdir("./290") = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./293/binderfs", [pid 5079] mkdir("./291", 0777) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] unlink("./293/binderfs" [pid 5077] <... umount2 resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... unlink resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./292/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./292/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] newfstatat(4, "", [pid 5078] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(4, [pid 5078] newfstatat(AT_FDCWD, "./293/file0", [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] getdents64(4, [pid 5078] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6557] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6556] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./292/file0") = 0 [pid 5078] openat(AT_FDCWD, "./293/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", [pid 5077] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(4, [pid 5077] close(3) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] rmdir("./292" [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5078] close(4 [pid 5077] mkdir("./293", 0777 [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./293/file0" [pid 6556] <... write resumed>) = 2097152 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6557] <... write resumed>) = 2097152 [pid 5078] close(3 [pid 5077] <... openat resumed>) = 3 [pid 6556] munmap(0x7f3feae00000, 138412032 [pid 5078] <... close resumed>) = 0 [pid 6556] <... munmap resumed>) = 0 [pid 5078] rmdir("./293" [pid 6556] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6557] munmap(0x7f3feae00000, 138412032 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] close(3 [pid 5078] mkdir("./294", 0777 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6557] <... munmap resumed>) = 0 [pid 6556] <... openat resumed>) = 4 [pid 5078] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6558 attached [pid 6557] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6556] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6558 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6558] set_robust_list(0x555556d3f660, 24 [pid 6557] <... openat resumed>) = 4 [pid 5078] <... openat resumed>) = 3 [pid 6558] <... set_robust_list resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6558] chdir("./291" [pid 6557] ioctl(4, LOOP_SET_FD, 3 [pid 6558] <... chdir resumed>) = 0 [pid 6556] <... ioctl resumed>) = 0 [pid 6556] close(3) = 0 [pid 6556] close(4) = 0 [pid 6556] mkdir("./file0", 0777 [pid 6558] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6557] <... ioctl resumed>) = 0 [pid 6558] setpgid(0, 0) = 0 [pid 6557] close(3 [pid 6558] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6557] <... close resumed>) = 0 [pid 6557] close(4 [pid 6556] <... mkdir resumed>) = 0 [pid 6558] <... openat resumed>) = 3 [pid 6557] <... close resumed>) = 0 [pid 6556] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6557] mkdir("./file0", 0777) = 0 [pid 6558] write(3, "1000", 4 [pid 6557] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6558] <... write resumed>) = 4 [pid 6558] close(3) = 0 [ 287.981045][ T6556] loop4: detected capacity change from 0 to 4096 [ 287.985168][ T6557] loop0: detected capacity change from 0 to 4096 [ 288.021151][ T6556] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6558] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 6558] memfd_create("syzkaller", 0) = 3 [pid 5077] <... ioctl resumed>) = 0 [pid 6558] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] close(3 [pid 5077] close(3) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6556] <... mount resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6559 attached ./strace-static-x86_64: Process 6560 attached [pid 6558] <... mmap resumed>) = 0x7f3feae00000 [pid 6556] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6559 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6560 [pid 6559] set_robust_list(0x555556d3f660, 24 [pid 6560] set_robust_list(0x555556d3f660, 24 [pid 6556] <... openat resumed>) = 3 [pid 6560] <... set_robust_list resumed>) = 0 [pid 6559] <... set_robust_list resumed>) = 0 [pid 6560] chdir("./293" [pid 6556] chdir("./file0" [pid 6559] chdir("./294" [pid 6560] <... chdir resumed>) = 0 [pid 6556] <... chdir resumed>) = 0 [pid 6559] <... chdir resumed>) = 0 [pid 6560] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6556] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6559] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6560] <... prctl resumed>) = 0 [pid 6556] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 288.048262][ T6557] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6559] <... prctl resumed>) = 0 [pid 6560] setpgid(0, 0 [pid 6556] exit_group(0 [pid 6559] setpgid(0, 0 [pid 6560] <... setpgid resumed>) = 0 [pid 6556] <... exit_group resumed>) = ? [pid 6559] <... setpgid resumed>) = 0 [pid 6560] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6556] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6556, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 6559] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6560] <... openat resumed>) = 3 [pid 6559] <... openat resumed>) = 3 [pid 6560] write(3, "1000", 4 [pid 6559] write(3, "1000", 4 [pid 6560] <... write resumed>) = 4 [pid 5080] umount2("./289", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6559] <... write resumed>) = 4 [pid 6560] close(3 [pid 6559] close(3 [pid 6560] <... close resumed>) = 0 [pid 6559] <... close resumed>) = 0 [pid 6560] symlink("/dev/binderfs", "./binderfs" [pid 6559] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 6559] <... symlink resumed>) = 0 [pid 6558] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./289/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6559] memfd_create("syzkaller", 0 [pid 6560] <... symlink resumed>) = 0 [pid 6557] <... mount resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6559] <... memfd_create resumed>) = 3 [pid 5080] newfstatat(AT_FDCWD, "./289/binderfs", [pid 6559] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./289/binderfs" [pid 6559] <... mmap resumed>) = 0x7f3feae00000 [pid 6557] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... unlink resumed>) = 0 [pid 6560] memfd_create("syzkaller", 0 [pid 6557] <... openat resumed>) = 3 [pid 5080] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6557] chdir("./file0") = 0 [pid 6560] <... memfd_create resumed>) = 3 [pid 6557] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6560] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6557] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6557] exit_group(0) = ? [pid 6557] +++ exited with 0 +++ [pid 6560] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6557, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5076] umount2("./291", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./291", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./291/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] newfstatat(AT_FDCWD, "./289/file0", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./291/binderfs", [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./289/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./289/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] unlink("./291/binderfs" [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 5076] <... unlink resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 5076] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./289/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./289") = 0 [pid 5080] mkdir("./290", 0777) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6559] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6560] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6558] <... write resumed>) = 2097152 [pid 5076] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6558] munmap(0x7f3feae00000, 138412032 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./291/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./291/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./291/file0") = 0 [pid 5076] getdents64(3, [pid 6558] <... munmap resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6558] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] close(3 [pid 6558] <... openat resumed>) = 4 [pid 5076] <... close resumed>) = 0 [pid 6558] ioctl(4, LOOP_SET_FD, 3 [pid 5076] rmdir("./291") = 0 [pid 5076] mkdir("./292", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6559] <... write resumed>) = 2097152 [pid 6558] <... ioctl resumed>) = 0 [pid 6559] munmap(0x7f3feae00000, 138412032 [pid 5076] <... openat resumed>) = 3 [pid 6558] close(3) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6558] close(4 [pid 6559] <... munmap resumed>) = 0 [pid 6560] <... write resumed>) = 2097152 [pid 6558] <... close resumed>) = 0 [pid 6558] mkdir("./file0", 0777 [pid 6559] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6560] munmap(0x7f3feae00000, 138412032 [pid 6558] <... mkdir resumed>) = 0 [ 288.293855][ T6558] loop3: detected capacity change from 0 to 4096 [pid 5080] <... ioctl resumed>) = 0 [pid 6559] <... openat resumed>) = 4 [pid 6558] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6559] ioctl(4, LOOP_SET_FD, 3 [pid 5080] close(3) = 0 [pid 6559] <... ioctl resumed>) = 0 [pid 6560] <... munmap resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6559] close(3 [pid 6560] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6559] <... close resumed>) = 0 [pid 6560] <... openat resumed>) = 4 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6561 [pid 6559] close(4 [pid 6560] ioctl(4, LOOP_SET_FD, 3 [pid 6559] <... close resumed>) = 0 [pid 6559] mkdir("./file0", 0777./strace-static-x86_64: Process 6561 attached [pid 6561] set_robust_list(0x555556d3f660, 24 [pid 6559] <... mkdir resumed>) = 0 [pid 6559] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6561] <... set_robust_list resumed>) = 0 [ 288.340881][ T6559] loop2: detected capacity change from 0 to 4096 [ 288.351259][ T6558] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 288.378933][ T6560] loop1: detected capacity change from 0 to 4096 [pid 6561] chdir("./290") = 0 [pid 6561] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6560] <... ioctl resumed>) = 0 [pid 6561] <... prctl resumed>) = 0 [pid 6561] setpgid(0, 0 [pid 6560] close(3 [pid 6561] <... setpgid resumed>) = 0 [pid 6561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6560] <... close resumed>) = 0 [pid 6560] close(4 [pid 6561] <... openat resumed>) = 3 [pid 6560] <... close resumed>) = 0 [pid 6561] write(3, "1000", 4 [pid 6560] mkdir("./file0", 0777 [pid 6561] <... write resumed>) = 4 [pid 6560] <... mkdir resumed>) = 0 [pid 6561] close(3 [ 288.390496][ T6559] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6560] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6561] <... close resumed>) = 0 [pid 6561] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... ioctl resumed>) = 0 [pid 6561] <... symlink resumed>) = 0 [pid 6561] memfd_create("syzkaller", 0) = 3 [pid 5076] close(3 [pid 6561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... close resumed>) = 0 [pid 6558] <... mount resumed>) = 0 [pid 6561] <... mmap resumed>) = 0x7f3feae00000 [pid 6558] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6558] <... openat resumed>) = 3 [pid 6558] chdir("./file0" [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6562 [pid 6559] <... mount resumed>) = 0 [pid 6558] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6562 attached [pid 6559] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6558] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6559] <... openat resumed>) = 3 [pid 6558] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6562] set_robust_list(0x555556d3f660, 24 [pid 6559] chdir("./file0" [pid 6558] exit_group(0 [pid 6562] <... set_robust_list resumed>) = 0 [pid 6559] <... chdir resumed>) = 0 [pid 6558] <... exit_group resumed>) = ? [pid 6559] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [ 288.431877][ T6560] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6559] exit_group(0 [pid 6562] chdir("./292" [pid 6559] <... exit_group resumed>) = ? [pid 6562] <... chdir resumed>) = 0 [pid 6559] +++ exited with 0 +++ [pid 6562] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6559, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 6562] <... prctl resumed>) = 0 [pid 5078] umount2("./294", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6562] setpgid(0, 0) = 0 [pid 5078] openat(AT_FDCWD, "./294", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6562] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", [pid 6562] <... openat resumed>) = 3 [pid 6558] +++ exited with 0 +++ [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6558, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./294/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./294/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./294/binderfs") = 0 [pid 5079] umount2("./291", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6562] write(3, "1000", 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6562] <... write resumed>) = 4 [pid 5079] openat(AT_FDCWD, "./291", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = 0 [pid 6562] close(3) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6562] symlink("/dev/binderfs", "./binderfs" [pid 5079] newfstatat(3, "", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6562] <... symlink resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(AT_FDCWD, "./294/file0", [pid 6562] memfd_create("syzkaller", 0) = 3 [pid 5079] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./291/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./294/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] newfstatat(AT_FDCWD, "./291/binderfs", [pid 5078] <... openat resumed>) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./291/binderfs" [pid 5078] newfstatat(4, "", [pid 5079] <... unlink resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5079] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./291/file0", [pid 5078] rmdir("./294/file0" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6562] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] openat(AT_FDCWD, "./291/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] close(3 [pid 5079] <... openat resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5078] rmdir("./294" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5079] getdents64(4, [pid 5078] mkdir("./295", 0777 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... mkdir resumed>) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] close(4 [pid 5078] <... openat resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] rmdir("./291/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./291") = 0 [pid 5079] mkdir("./292", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6560] <... mount resumed>) = 0 [pid 6560] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6560] chdir("./file0") = 0 [pid 6560] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6561] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6560] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6560] exit_group(0) = ? [pid 6560] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6560, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5077] umount2("./293", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./293", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./293/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6562] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] newfstatat(AT_FDCWD, "./293/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./293/binderfs") = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... ioctl resumed>) = 0 [pid 6561] <... write resumed>) = 2097152 [pid 5078] close(3 [pid 5077] <... umount2 resumed>) = 0 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6561] munmap(0x7f3feae00000, 138412032) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6563 [pid 5077] newfstatat(AT_FDCWD, "./293/file0", ./strace-static-x86_64: Process 6564 attached ./strace-static-x86_64: Process 6563 attached [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6564 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6564] set_robust_list(0x555556d3f660, 24) = 0 [pid 5077] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6564] chdir("./295" [pid 6563] set_robust_list(0x555556d3f660, 24 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./293/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6564] <... chdir resumed>) = 0 [pid 6563] <... set_robust_list resumed>) = 0 [pid 6561] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6564] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... openat resumed>) = 4 [pid 6564] <... prctl resumed>) = 0 [pid 6563] chdir("./292" [pid 6562] <... write resumed>) = 2097152 [pid 6561] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", [pid 6564] setpgid(0, 0 [pid 6563] <... chdir resumed>) = 0 [pid 6562] munmap(0x7f3feae00000, 138412032 [pid 6561] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6564] <... setpgid resumed>) = 0 [pid 6563] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] getdents64(4, [pid 6564] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6563] <... prctl resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 6564] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 6564] write(3, "1000", 4 [pid 5077] <... close resumed>) = 0 [pid 6564] <... write resumed>) = 4 [pid 5077] rmdir("./293/file0" [pid 6564] close(3 [pid 6562] <... munmap resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6564] <... close resumed>) = 0 [pid 6563] setpgid(0, 0 [pid 6561] <... ioctl resumed>) = 0 [pid 6564] symlink("/dev/binderfs", "./binderfs" [pid 6563] <... setpgid resumed>) = 0 [pid 6562] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6561] close(3 [pid 5077] getdents64(3, [pid 6564] <... symlink resumed>) = 0 [pid 6563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6562] <... openat resumed>) = 4 [pid 5077] close(3 [pid 6563] <... openat resumed>) = 3 [pid 6562] ioctl(4, LOOP_SET_FD, 3 [pid 6561] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./293" [pid 6564] memfd_create("syzkaller", 0 [pid 6563] write(3, "1000", 4 [pid 5077] <... rmdir resumed>) = 0 [pid 6561] close(4 [pid 6564] <... memfd_create resumed>) = 3 [pid 6563] <... write resumed>) = 4 [pid 6564] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6563] close(3 [pid 6561] <... close resumed>) = 0 [pid 5077] mkdir("./294", 0777 [pid 6564] <... mmap resumed>) = 0x7f3feae00000 [pid 6563] <... close resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 6561] mkdir("./file0", 0777 [pid 6563] symlink("/dev/binderfs", "./binderfs" [pid 6561] <... mkdir resumed>) = 0 [pid 6563] <... symlink resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 6563] memfd_create("syzkaller", 0 [pid 6561] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 288.739590][ T6561] loop4: detected capacity change from 0 to 4096 [ 288.760538][ T6562] loop0: detected capacity change from 0 to 4096 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6563] <... memfd_create resumed>) = 3 [pid 6562] <... ioctl resumed>) = 0 [pid 6563] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6562] close(3 [pid 6563] <... mmap resumed>) = 0x7f3feae00000 [pid 6562] <... close resumed>) = 0 [pid 6562] close(4) = 0 [pid 6562] mkdir("./file0", 0777) = 0 [pid 6562] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [ 288.787698][ T6561] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 288.823212][ T6562] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6564] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6565 attached , child_tidptr=0x555556d3f650) = 6565 [pid 6565] set_robust_list(0x555556d3f660, 24) = 0 [pid 6565] chdir("./294" [pid 6563] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6561] <... mount resumed>) = 0 [pid 6561] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6561] chdir("./file0") = 0 [pid 6561] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6565] <... chdir resumed>) = 0 [pid 6562] <... mount resumed>) = 0 [pid 6561] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6565] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6565] setpgid(0, 0 [pid 6561] exit_group(0) = ? [pid 6565] <... setpgid resumed>) = 0 [pid 6562] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6561] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6561, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=4 /* 0.04 s */} --- [pid 6565] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6562] <... openat resumed>) = 3 [pid 6565] <... openat resumed>) = 3 [pid 5080] umount2("./290", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6565] write(3, "1000", 4 [pid 6564] <... write resumed>) = 2097152 [pid 6565] <... write resumed>) = 4 [pid 6562] chdir("./file0" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6562] <... chdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./290", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6565] close(3 [pid 6564] munmap(0x7f3feae00000, 138412032 [pid 6562] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... openat resumed>) = 3 [pid 6565] <... close resumed>) = 0 [pid 6562] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] newfstatat(3, "", [pid 6565] symlink("/dev/binderfs", "./binderfs" [pid 6562] exit_group(0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6565] <... symlink resumed>) = 0 [pid 6562] <... exit_group resumed>) = ? [pid 5080] getdents64(3, [pid 6562] +++ exited with 0 +++ [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6562, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 6563] <... write resumed>) = 2097152 [pid 5080] umount2("./290/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./292", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6564] <... munmap resumed>) = 0 [pid 6565] memfd_create("syzkaller", 0 [pid 6563] munmap(0x7f3feae00000, 138412032 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6565] <... memfd_create resumed>) = 3 [pid 6564] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] newfstatat(AT_FDCWD, "./290/binderfs", [pid 5076] openat(AT_FDCWD, "./292", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6564] <... openat resumed>) = 4 [pid 5076] <... openat resumed>) = 3 [pid 6565] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6564] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] newfstatat(3, "", [pid 5080] unlink("./290/binderfs" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./292/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./292/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./292/binderfs") = 0 [pid 5076] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... unlink resumed>) = 0 [pid 6565] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 6563] <... munmap resumed>) = 0 [pid 5076] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./292/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6563] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6564] <... ioctl resumed>) = 0 [pid 6564] close(3 [pid 6563] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6564] <... close resumed>) = 0 [pid 5080] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./292/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6564] close(4 [pid 6563] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 4 [pid 6564] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./290/file0", [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 6564] mkdir("./file0", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... close resumed>) = 0 [pid 6564] <... mkdir resumed>) = 0 [pid 5080] umount2("./290/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] rmdir("./292/file0" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... rmdir resumed>) = 0 [pid 6564] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] openat(AT_FDCWD, "./290/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 289.008877][ T6564] loop2: detected capacity change from 0 to 4096 [ 289.036517][ T6563] loop3: detected capacity change from 0 to 4096 [pid 5076] getdents64(3, [pid 5080] <... openat resumed>) = 4 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./292") = 0 [pid 5076] mkdir("./293", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6563] <... ioctl resumed>) = 0 [pid 6565] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] newfstatat(4, "", [pid 6563] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 6563] <... close resumed>) = 0 [pid 6563] close(4) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 6563] mkdir("./file0", 0777 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [ 289.070515][ T6564] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5080] rmdir("./290/file0" [pid 6563] <... mkdir resumed>) = 0 [pid 6563] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 6565] <... write resumed>) = 2097152 [pid 5080] rmdir("./290") = 0 [pid 5080] mkdir("./291", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6565] munmap(0x7f3feae00000, 138412032 [pid 5076] <... ioctl resumed>) = 0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6566 ./strace-static-x86_64: Process 6566 attached [pid 6566] set_robust_list(0x555556d3f660, 24 [pid 6565] <... munmap resumed>) = 0 [pid 6564] <... mount resumed>) = 0 [pid 6566] <... set_robust_list resumed>) = 0 [pid 6564] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6566] chdir("./293") = 0 [pid 6566] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6566] setpgid(0, 0) = 0 [pid 6566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6564] <... openat resumed>) = 3 [pid 6566] <... openat resumed>) = 3 [pid 6564] chdir("./file0" [pid 6566] write(3, "1000", 4) = 4 [ 289.137638][ T6563] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6566] close(3 [pid 6565] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6566] <... close resumed>) = 0 [pid 6564] <... chdir resumed>) = 0 [pid 6564] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6566] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6566] memfd_create("syzkaller", 0 [pid 6564] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6564] exit_group(0 [pid 6565] <... openat resumed>) = 4 [pid 6565] ioctl(4, LOOP_SET_FD, 3 [pid 6564] <... exit_group resumed>) = ? [pid 6566] <... memfd_create resumed>) = 3 [pid 6566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6564] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6564, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5078] umount2("./295", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./295", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./295/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6565] <... ioctl resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./295/binderfs", [pid 6565] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6565] <... close resumed>) = 0 [pid 5078] unlink("./295/binderfs" [pid 6565] close(4 [pid 5078] <... unlink resumed>) = 0 [pid 6565] <... close resumed>) = 0 [pid 5078] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6565] mkdir("./file0", 0777) = 0 [ 289.206617][ T6565] loop1: detected capacity change from 0 to 4096 [pid 6565] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6563] <... mount resumed>) = 0 [pid 5078] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6563] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6567 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./295/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6563] <... openat resumed>) = 3 [pid 5078] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./295/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, ./strace-static-x86_64: Process 6567 attached 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6567] set_robust_list(0x555556d3f660, 24 [pid 5078] getdents64(4, [pid 6567] <... set_robust_list resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6567] chdir("./291") = 0 [pid 5078] close(4 [pid 6567] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] <... close resumed>) = 0 [pid 6567] setpgid(0, 0 [pid 5078] rmdir("./295/file0" [pid 6567] <... setpgid resumed>) = 0 [pid 6563] chdir("./file0" [pid 6567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6563] <... chdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6563] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] close(3 [pid 6567] <... openat resumed>) = 3 [pid 6563] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... close resumed>) = 0 [pid 6567] write(3, "1000", 4 [pid 5078] rmdir("./295" [pid 6567] <... write resumed>) = 4 [pid 6563] exit_group(0 [pid 5078] <... rmdir resumed>) = 0 [ 289.251978][ T6565] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6567] close(3 [pid 6563] <... exit_group resumed>) = ? [pid 5078] mkdir("./296", 0777 [pid 6567] <... close resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 6567] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6563] +++ exited with 0 +++ [pid 6567] memfd_create("syzkaller", 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6563, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] <... restart_syscall resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./292", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./292", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6567] <... memfd_create resumed>) = 3 [pid 5079] newfstatat(3, "", [pid 6567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6567] <... mmap resumed>) = 0x7f3feae00000 [pid 6566] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./292/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./292/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./292/binderfs") = 0 [pid 5079] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5079] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./292/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6565] <... mount resumed>) = 0 [pid 6565] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6565] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "./292/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6565] chdir("./file0" [pid 5079] getdents64(4, [pid 6565] <... chdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6565] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] close(4 [pid 6565] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... close resumed>) = 0 [pid 6565] exit_group(0 [pid 5079] rmdir("./292/file0") = 0 [pid 6565] <... exit_group resumed>) = ? [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./292") = 0 [pid 5079] mkdir("./293", 0777) = 0 [pid 6565] +++ exited with 0 +++ [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6565, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] umount2("./294", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./294", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6566] <... write resumed>) = 2097152 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] close(3 [pid 5077] getdents64(3, [pid 5078] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] umount2("./294/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./294/binderfs", [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6568 ./strace-static-x86_64: Process 6568 attached [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./294/binderfs" [pid 6568] set_robust_list(0x555556d3f660, 24 [pid 5077] <... unlink resumed>) = 0 [pid 6568] <... set_robust_list resumed>) = 0 [pid 5077] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6568] chdir("./296") = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./294/file0", [pid 6568] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6568] setpgid(0, 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6568] <... setpgid resumed>) = 0 [pid 6567] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6566] munmap(0x7f3feae00000, 138412032 [pid 6568] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6566] <... munmap resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6568] <... openat resumed>) = 3 [pid 5077] openat(AT_FDCWD, "./294/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6568] write(3, "1000", 4 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [pid 6568] <... write resumed>) = 4 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6568] close(3 [pid 5077] getdents64(4, [pid 6568] <... close resumed>) = 0 [pid 6568] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 6566] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... close resumed>) = 0 [pid 6566] <... openat resumed>) = 4 [pid 5077] rmdir("./294/file0" [pid 6568] memfd_create("syzkaller", 0 [pid 6566] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 6568] <... memfd_create resumed>) = 3 [pid 6566] <... ioctl resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] rmdir("./294" [pid 5079] close(3 [pid 6568] <... mmap resumed>) = 0x7f3feae00000 [pid 6567] <... write resumed>) = 2097152 [pid 6566] close(3 [pid 5077] <... rmdir resumed>) = 0 [pid 6566] <... close resumed>) = 0 [pid 6567] munmap(0x7f3feae00000, 138412032 [pid 5079] <... close resumed>) = 0 [pid 6566] close(4 [pid 5077] mkdir("./295", 0777 [pid 6566] <... close resumed>) = 0 [pid 6567] <... munmap resumed>) = 0 [pid 6566] mkdir("./file0", 0777 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... mkdir resumed>) = 0 [pid 6566] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6566] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5077] <... openat resumed>) = 3 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6569 [ 289.488844][ T6566] loop0: detected capacity change from 0 to 4096 [pid 6567] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 6569 attached [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6569] set_robust_list(0x555556d3f660, 24) = 0 [pid 6569] chdir("./293") = 0 [pid 6569] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6569] setpgid(0, 0) = 0 [pid 6567] <... openat resumed>) = 4 [pid 6569] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6567] ioctl(4, LOOP_SET_FD, 3 [pid 6569] <... openat resumed>) = 3 [pid 6569] write(3, "1000", 4) = 4 [pid 6566] <... mount resumed>) = 0 [pid 6569] close(3 [pid 6566] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6567] <... ioctl resumed>) = 0 [pid 6567] close(3) = 0 [pid 6567] close(4 [pid 6569] <... close resumed>) = 0 [pid 6566] chdir("./file0" [pid 6569] symlink("/dev/binderfs", "./binderfs" [pid 6567] <... close resumed>) = 0 [pid 6566] <... chdir resumed>) = 0 [pid 6569] <... symlink resumed>) = 0 [pid 6566] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6567] mkdir("./file0", 0777 [pid 6566] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6567] <... mkdir resumed>) = 0 [pid 6567] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6566] exit_group(0) = ? [ 289.541902][ T6566] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 289.565975][ T6567] loop4: detected capacity change from 0 to 4096 [pid 6569] memfd_create("syzkaller", 0) = 3 [pid 6569] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6566] +++ exited with 0 +++ [pid 6568] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6566, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 6569] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] umount2("./293", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./293", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./293/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./293/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./293/binderfs") = 0 [ 289.613111][ T6567] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5076] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5076] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./293/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./293/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./293/file0") = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./293") = 0 [pid 5076] mkdir("./294", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = 0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6570 attached [pid 5077] <... ioctl resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6570 [pid 6570] set_robust_list(0x555556d3f660, 24) = 0 [pid 6570] chdir("./294") = 0 [pid 6568] <... write resumed>) = 2097152 [pid 6570] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] close(3) = 0 [pid 6570] <... prctl resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6570] setpgid(0, 0) = 0 [pid 6570] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6570] write(3, "1000", 4) = 4 [pid 6570] close(3) = 0 [pid 6568] munmap(0x7f3feae00000, 138412032 [pid 6570] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6571 ./strace-static-x86_64: Process 6571 attached [pid 6570] <... symlink resumed>) = 0 [pid 6571] set_robust_list(0x555556d3f660, 24) = 0 [pid 6571] chdir("./295" [pid 6570] memfd_create("syzkaller", 0 [pid 6568] <... munmap resumed>) = 0 [pid 6571] <... chdir resumed>) = 0 [pid 6571] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6570] <... memfd_create resumed>) = 3 [pid 6570] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6571] <... prctl resumed>) = 0 [pid 6571] setpgid(0, 0) = 0 [pid 6571] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6568] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6568] ioctl(4, LOOP_SET_FD, 3 [pid 6571] <... openat resumed>) = 3 [pid 6571] write(3, "1000", 4 [pid 6569] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6568] <... ioctl resumed>) = 0 [pid 6571] <... write resumed>) = 4 [pid 6567] <... mount resumed>) = 0 [pid 6571] close(3) = 0 [pid 6571] symlink("/dev/binderfs", "./binderfs" [pid 6568] close(3 [pid 6567] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6571] <... symlink resumed>) = 0 [pid 6568] <... close resumed>) = 0 [pid 6568] close(4 [pid 6571] memfd_create("syzkaller", 0 [pid 6568] <... close resumed>) = 0 [pid 6568] mkdir("./file0", 0777) = 0 [pid 6567] <... openat resumed>) = 3 [pid 6567] chdir("./file0") = 0 [pid 6571] <... memfd_create resumed>) = 3 [pid 6568] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [ 289.763575][ T6568] loop2: detected capacity change from 0 to 4096 [pid 6567] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6571] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6567] exit_group(0 [pid 6571] <... mmap resumed>) = 0x7f3feae00000 [pid 6567] <... exit_group resumed>) = ? [pid 6567] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6567, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5080] umount2("./291", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./291", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./291/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./291/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./291/binderfs") = 0 [pid 5080] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5080] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./291/file0", [pid 6570] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6569] <... write resumed>) = 2097152 [ 289.829275][ T6568] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6569] munmap(0x7f3feae00000, 138412032 [pid 6568] <... mount resumed>) = 0 [pid 5080] umount2("./291/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./291/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6568] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 6568] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6568] chdir("./file0" [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6568] <... chdir resumed>) = 0 [pid 5080] close(4 [pid 6568] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./291/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3 [pid 6568] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./291" [pid 6568] exit_group(0 [pid 5080] <... rmdir resumed>) = 0 [pid 6568] <... exit_group resumed>) = ? [pid 6569] <... munmap resumed>) = 0 [pid 6568] +++ exited with 0 +++ [pid 5080] mkdir("./292", 0777 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6568, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5078] umount2("./296", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... mkdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./296", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6571] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6569] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6569] <... openat resumed>) = 4 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./296/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6569] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./296/binderfs", [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./296/binderfs" [pid 6569] <... ioctl resumed>) = 0 [pid 6570] <... write resumed>) = 2097152 [pid 6569] close(3) = 0 [pid 6569] close(4) = 0 [pid 6570] munmap(0x7f3feae00000, 138412032 [pid 6569] mkdir("./file0", 0777 [pid 5078] <... unlink resumed>) = 0 [pid 6569] <... mkdir resumed>) = 0 [pid 5078] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6569] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 289.950767][ T6569] loop3: detected capacity change from 0 to 4096 [ 289.989220][ T6569] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5078] newfstatat(AT_FDCWD, "./296/file0", [pid 6571] <... write resumed>) = 2097152 [pid 6570] <... munmap resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./296/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 6571] munmap(0x7f3feae00000, 138412032 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6570] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] close(4) = 0 [pid 5078] rmdir("./296/file0" [pid 6570] <... openat resumed>) = 4 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6570] ioctl(4, LOOP_SET_FD, 3 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3 [pid 5078] close(3 [pid 5080] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./296") = 0 [pid 5078] mkdir("./297", 0777 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... mkdir resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6572 ./strace-static-x86_64: Process 6572 attached [pid 6572] set_robust_list(0x555556d3f660, 24) = 0 [pid 6572] chdir("./292" [pid 6570] <... ioctl resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6570] close(3 [pid 6572] <... chdir resumed>) = 0 [pid 6570] <... close resumed>) = 0 [pid 6572] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6570] close(4 [pid 6572] <... prctl resumed>) = 0 [pid 6570] <... close resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6571] <... munmap resumed>) = 0 [pid 6570] mkdir("./file0", 0777 [pid 6572] setpgid(0, 0 [pid 6571] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6570] <... mkdir resumed>) = 0 [pid 6572] <... setpgid resumed>) = 0 [pid 6571] <... openat resumed>) = 4 [pid 6570] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6569] <... mount resumed>) = 0 [pid 6571] ioctl(4, LOOP_SET_FD, 3 [pid 6569] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6572] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6572] write(3, "1000", 4) = 4 [pid 6572] close(3) = 0 [pid 6572] symlink("/dev/binderfs", "./binderfs" [pid 6569] <... openat resumed>) = 3 [pid 6572] <... symlink resumed>) = 0 [pid 6571] <... ioctl resumed>) = 0 [pid 6569] chdir("./file0" [pid 6572] memfd_create("syzkaller", 0 [pid 6571] close(3 [pid 6569] <... chdir resumed>) = 0 [ 290.046238][ T6570] loop0: detected capacity change from 0 to 4096 [ 290.083460][ T6571] loop1: detected capacity change from 0 to 4096 [pid 6571] <... close resumed>) = 0 [pid 6569] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6572] <... memfd_create resumed>) = 3 [pid 6572] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6569] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6571] close(4 [pid 6572] <... mmap resumed>) = 0x7f3feae00000 [pid 6569] exit_group(0 [pid 6571] <... close resumed>) = 0 [pid 6571] mkdir("./file0", 0777 [pid 6569] <... exit_group resumed>) = ? [pid 6571] <... mkdir resumed>) = 0 [pid 6569] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6569, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5079] umount2("./293", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./293", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", [pid 6571] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./293/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./293/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./293/binderfs") = 0 [pid 5079] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [ 290.104249][ T6570] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./293/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./293/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./293/file0") = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./293") = 0 [pid 5079] mkdir("./294", 0777) = 0 [ 290.151867][ T6571] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] close(3 [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6573 ./strace-static-x86_64: Process 6573 attached [pid 6573] set_robust_list(0x555556d3f660, 24 [pid 6570] <... mount resumed>) = 0 [pid 6573] <... set_robust_list resumed>) = 0 [pid 6570] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6573] chdir("./297" [pid 6570] <... openat resumed>) = 3 [pid 6570] chdir("./file0" [pid 6573] <... chdir resumed>) = 0 [pid 6570] <... chdir resumed>) = 0 [pid 6573] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6570] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6573] <... prctl resumed>) = 0 [pid 6570] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6573] setpgid(0, 0 [pid 6572] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6570] exit_group(0 [pid 6573] <... setpgid resumed>) = 0 [pid 6571] <... mount resumed>) = 0 [pid 6570] <... exit_group resumed>) = ? [pid 6573] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6570] +++ exited with 0 +++ [pid 6573] <... openat resumed>) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6570, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=8 /* 0.08 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6571] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6573] write(3, "1000", 4 [pid 5076] umount2("./294", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6573] <... write resumed>) = 4 [pid 6571] <... openat resumed>) = 3 [pid 6571] chdir("./file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6571] <... chdir resumed>) = 0 [pid 6573] close(3 [pid 6571] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] openat(AT_FDCWD, "./294", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6571] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6573] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 6573] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6571] exit_group(0 [pid 6573] <... symlink resumed>) = 0 [pid 6571] <... exit_group resumed>) = ? [pid 5076] umount2("./294/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6571] +++ exited with 0 +++ [pid 5076] newfstatat(AT_FDCWD, "./294/binderfs", [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6571, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./294/binderfs" [pid 6573] memfd_create("syzkaller", 0 [pid 6572] <... write resumed>) = 2097152 [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] munmap(0x7f3feae00000, 138412032 [pid 5076] <... umount2 resumed>) = 0 [pid 5077] umount2("./295", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./295", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6572] <... munmap resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5076] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6573] <... memfd_create resumed>) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6573] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] umount2("./295/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6573] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./295/binderfs", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./294/file0", [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./295/binderfs") = 0 [pid 5076] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./294/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6572] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] getdents64(4, [pid 6572] <... openat resumed>) = 4 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 6572] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(3 [pid 5077] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6572] <... ioctl resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] close(4 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6574 ./strace-static-x86_64: Process 6574 attached [pid 6574] set_robust_list(0x555556d3f660, 24) = 0 [pid 6574] chdir("./294") = 0 [pid 6574] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6574] setpgid(0, 0 [pid 5076] <... close resumed>) = 0 [pid 6574] <... setpgid resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./295/file0", [pid 5076] rmdir("./294/file0" [pid 6574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6572] close(3 [pid 6574] <... openat resumed>) = 3 [pid 6572] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 6574] write(3, "1000", 4 [pid 5077] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 6574] <... write resumed>) = 4 [pid 6572] close(4) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6574] close(3) = 0 [pid 5077] openat(AT_FDCWD, "./295/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6574] symlink("/dev/binderfs", "./binderfs" [pid 6572] mkdir("./file0", 0777 [pid 5077] <... openat resumed>) = 4 [pid 5076] close(3 [pid 5077] newfstatat(4, "", [pid 5076] <... close resumed>) = 0 [pid 6574] <... symlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] rmdir("./294" [pid 5077] getdents64(4, [pid 6574] memfd_create("syzkaller", 0 [pid 6573] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... rmdir resumed>) = 0 [pid 6572] <... mkdir resumed>) = 0 [pid 5077] getdents64(4, [pid 6572] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6574] <... memfd_create resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] mkdir("./295", 0777 [pid 6574] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] close(4) = 0 [pid 5076] <... mkdir resumed>) = 0 [ 290.350608][ T6572] loop4: detected capacity change from 0 to 4096 [pid 5077] rmdir("./295/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./295" [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5077] mkdir("./296", 0777 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] <... mkdir resumed>) = 0 [pid 6573] <... write resumed>) = 2097152 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [ 290.416924][ T6572] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6573] munmap(0x7f3feae00000, 138412032) = 0 [pid 6573] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6573] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6574] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6573] close(3) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6573] close(4) = 0 [pid 6573] mkdir("./file0", 0777) = 0 [ 290.481231][ T6573] loop2: detected capacity change from 0 to 4096 [pid 6572] <... mount resumed>) = 0 [pid 6573] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6572] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... ioctl resumed>) = 0 [pid 6572] <... openat resumed>) = 3 [pid 5077] close(3 [pid 6572] chdir("./file0" [pid 5077] <... close resumed>) = 0 [pid 6572] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6575 attached [pid 6572] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6575 [pid 6575] set_robust_list(0x555556d3f660, 24) = 0 ./strace-static-x86_64: Process 6576 attached [pid 6575] chdir("./295" [pid 6576] set_robust_list(0x555556d3f660, 24 [pid 6575] <... chdir resumed>) = 0 [pid 6572] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6576 [pid 6576] <... set_robust_list resumed>) = 0 [pid 6576] chdir("./296" [pid 6575] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6576] <... chdir resumed>) = 0 [pid 6575] <... prctl resumed>) = 0 [pid 6576] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6575] setpgid(0, 0 [pid 6572] exit_group(0 [pid 6576] <... prctl resumed>) = 0 [pid 6575] <... setpgid resumed>) = 0 [pid 6574] <... write resumed>) = 2097152 [pid 6576] setpgid(0, 0 [pid 6575] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6576] <... setpgid resumed>) = 0 [pid 6576] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6575] <... openat resumed>) = 3 [ 290.556571][ T6573] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6575] write(3, "1000", 4) = 4 [pid 6572] <... exit_group resumed>) = ? [pid 6575] close(3) = 0 [pid 6575] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6576] <... openat resumed>) = 3 [pid 6576] write(3, "1000", 4) = 4 [pid 6576] close(3) = 0 [pid 6574] munmap(0x7f3feae00000, 138412032 [pid 6576] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6575] memfd_create("syzkaller", 0 [pid 6574] <... munmap resumed>) = 0 [pid 6572] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6572, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6575] <... memfd_create resumed>) = 3 [pid 6576] memfd_create("syzkaller", 0 [pid 6574] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6574] <... openat resumed>) = 4 [pid 6575] <... mmap resumed>) = 0x7f3feae00000 [pid 6576] <... memfd_create resumed>) = 3 [pid 6574] ioctl(4, LOOP_SET_FD, 3 [pid 6576] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] umount2("./292", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./292", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", [pid 6576] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./292/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./292/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./292/binderfs") = 0 [pid 5080] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5080] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./292/file0", [pid 6574] <... ioctl resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6574] close(3) = 0 [pid 5080] umount2("./292/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6574] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6574] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./292/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6574] mkdir("./file0", 0777 [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 6574] <... mkdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 6574] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... close resumed>) = 0 [ 290.667258][ T6574] loop3: detected capacity change from 0 to 4096 [pid 5080] rmdir("./292/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./292") = 0 [pid 5080] mkdir("./293", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6575] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6573] <... mount resumed>) = 0 [pid 6573] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6573] chdir("./file0") = 0 [pid 6573] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6573] exit_group(0) = ? [ 290.729357][ T6574] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6576] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6573] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6573, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6575] <... write resumed>) = 2097152 [pid 5078] umount2("./297", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6575] munmap(0x7f3feae00000, 138412032 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./297", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./297/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./297/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./297/binderfs" [pid 6575] <... munmap resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6575] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5078] <... umount2 resumed>) = 0 [pid 6575] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5078] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./297/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./297/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6574] <... mount resumed>) = 0 [pid 6575] close(3 [pid 5080] close(3 [pid 6574] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6575] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 6576] <... write resumed>) = 2097152 [pid 6575] close(4 [pid 6574] <... openat resumed>) = 3 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 ./strace-static-x86_64: Process 6577 attached [pid 6576] munmap(0x7f3feae00000, 138412032 [pid 6575] <... close resumed>) = 0 [pid 6574] chdir("./file0" [pid 5078] rmdir("./297/file0" [pid 6577] set_robust_list(0x555556d3f660, 24 [pid 6575] mkdir("./file0", 0777 [pid 6574] <... chdir resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6577 [pid 5078] <... rmdir resumed>) = 0 [pid 6577] <... set_robust_list resumed>) = 0 [pid 6574] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] getdents64(3, [pid 6577] chdir("./293" [pid 6575] <... mkdir resumed>) = 0 [pid 6574] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6577] <... chdir resumed>) = 0 [pid 6575] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6574] exit_group(0 [pid 5078] close(3 [pid 6577] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... close resumed>) = 0 [pid 6577] <... prctl resumed>) = 0 [pid 5078] rmdir("./297" [pid 6577] setpgid(0, 0 [pid 6574] <... exit_group resumed>) = ? [pid 5078] <... rmdir resumed>) = 0 [ 290.851214][ T6575] loop0: detected capacity change from 0 to 4096 [pid 6577] <... setpgid resumed>) = 0 [pid 5078] mkdir("./298", 0777 [pid 6577] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] <... mkdir resumed>) = 0 [pid 6577] write(3, "1000", 4 [pid 6576] <... munmap resumed>) = 0 [pid 6574] +++ exited with 0 +++ [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6577] <... write resumed>) = 4 [pid 6576] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6574, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5078] <... openat resumed>) = 3 [pid 6577] close(3 [pid 6576] <... openat resumed>) = 4 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6577] <... close resumed>) = 0 [pid 6576] ioctl(4, LOOP_SET_FD, 3 [pid 6577] symlink("/dev/binderfs", "./binderfs" [pid 5079] umount2("./294", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6577] <... symlink resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./294", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 6576] <... ioctl resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6577] memfd_create("syzkaller", 0 [pid 6576] close(3 [pid 5079] umount2("./294/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6577] <... memfd_create resumed>) = 3 [pid 6576] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6576] close(4 [pid 5079] newfstatat(AT_FDCWD, "./294/binderfs", [pid 6577] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6576] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./294/binderfs" [pid 6577] <... mmap resumed>) = 0x7f3feae00000 [ 290.897312][ T6575] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 290.927926][ T6576] loop1: detected capacity change from 0 to 4096 [pid 6576] mkdir("./file0", 0777) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6576] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6575] <... mount resumed>) = 0 [pid 6575] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... umount2 resumed>) = 0 [pid 6575] <... openat resumed>) = 3 [pid 5079] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... ioctl resumed>) = 0 [pid 6575] chdir("./file0" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./294/file0", [pid 6575] <... chdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6575] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6575] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./294/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6575] exit_group(0 [pid 5079] <... openat resumed>) = 4 [pid 6575] <... exit_group resumed>) = ? [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] close(3 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [ 290.994487][ T6576] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6575] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6575, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- ./strace-static-x86_64: Process 6578 attached [pid 6577] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] close(4 [pid 6578] set_robust_list(0x555556d3f660, 24 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./294/file0" [pid 5076] umount2("./295", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6578 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./295", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", [pid 6578] <... set_robust_list resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6578] chdir("./298") = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6578] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5079] getdents64(3, [pid 5076] getdents64(3, [pid 6578] setpgid(0, 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6578] <... setpgid resumed>) = 0 [pid 5079] close(3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./294") = 0 [pid 6578] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6576] <... mount resumed>) = 0 [pid 5079] mkdir("./295", 0777 [pid 5076] umount2("./295/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6576] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6578] <... openat resumed>) = 3 [pid 6576] <... openat resumed>) = 3 [pid 6576] chdir("./file0" [pid 6578] write(3, "1000", 4 [pid 6576] <... chdir resumed>) = 0 [pid 6576] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6578] <... write resumed>) = 4 [pid 6576] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6578] close(3 [pid 6576] exit_group(0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] newfstatat(AT_FDCWD, "./295/binderfs", [pid 6578] <... close resumed>) = 0 [pid 6576] <... exit_group resumed>) = ? [pid 5079] <... openat resumed>) = 3 [pid 6578] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6578] <... symlink resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6576] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6576, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6578] memfd_create("syzkaller", 0 [pid 5077] umount2("./296", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] unlink("./295/binderfs" [pid 5077] openat(AT_FDCWD, "./296", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] <... unlink resumed>) = 0 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./296/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./296/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./296/binderfs") = 0 [pid 5077] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6578] <... memfd_create resumed>) = 3 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... umount2 resumed>) = 0 [pid 6578] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6577] <... write resumed>) = 2097152 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./296/file0", [pid 5076] newfstatat(AT_FDCWD, "./295/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./295/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] openat(AT_FDCWD, "./296/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] <... openat resumed>) = 4 [pid 6577] munmap(0x7f3feae00000, 138412032 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(4, "", [pid 5077] getdents64(4, [pid 6578] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6577] <... munmap resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6577] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] getdents64(4, [pid 5076] getdents64(4, [pid 6577] <... openat resumed>) = 4 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] close(4 [pid 5076] getdents64(4, [pid 5077] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] rmdir("./296/file0" [pid 5076] close(4 [pid 6577] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./295/file0" [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] getdents64(3, [pid 5076] <... rmdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] getdents64(3, [pid 5077] close(3 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] close(3 [pid 5077] rmdir("./296" [pid 5076] <... close resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6579 ./strace-static-x86_64: Process 6579 attached [pid 5077] <... rmdir resumed>) = 0 [pid 5076] rmdir("./295" [pid 6579] set_robust_list(0x555556d3f660, 24) = 0 [pid 6579] chdir("./295" [pid 5076] <... rmdir resumed>) = 0 [pid 6579] <... chdir resumed>) = 0 [pid 6577] <... ioctl resumed>) = 0 [pid 6579] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6577] close(3 [pid 5076] mkdir("./296", 0777 [pid 6579] <... prctl resumed>) = 0 [pid 6577] <... close resumed>) = 0 [pid 6577] close(4) = 0 [pid 6577] mkdir("./file0", 0777 [pid 6579] setpgid(0, 0 [pid 6577] <... mkdir resumed>) = 0 [pid 5077] mkdir("./297", 0777 [pid 5076] <... mkdir resumed>) = 0 [pid 6579] <... setpgid resumed>) = 0 [pid 6579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6579] <... openat resumed>) = 3 [pid 6577] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6579] write(3, "1000", 4) = 4 [pid 6579] close(3) = 0 [pid 6579] symlink("/dev/binderfs", "./binderfs") = 0 [ 291.181774][ T6577] loop4: detected capacity change from 0 to 4096 [pid 6579] memfd_create("syzkaller", 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... openat resumed>) = 3 [pid 6579] <... memfd_create resumed>) = 3 [pid 6579] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6578] <... write resumed>) = 2097152 [pid 6578] munmap(0x7f3feae00000, 138412032) = 0 [ 291.232078][ T6577] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6578] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6578] ioctl(4, LOOP_SET_FD, 3 [pid 6577] <... mount resumed>) = 0 [pid 6577] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6577] chdir("./file0") = 0 [pid 6577] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6578] <... ioctl resumed>) = 0 [pid 6578] close(3 [pid 6577] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6578] <... close resumed>) = 0 [pid 6577] exit_group(0 [pid 6578] close(4 [pid 6577] <... exit_group resumed>) = ? [pid 6578] <... close resumed>) = 0 [pid 6577] +++ exited with 0 +++ [pid 6578] mkdir("./file0", 0777 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6577, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5080] umount2("./293", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6578] <... mkdir resumed>) = 0 [pid 6578] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] openat(AT_FDCWD, "./293", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... ioctl resumed>) = 0 [ 291.317147][ T6578] loop2: detected capacity change from 0 to 4096 [pid 5080] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./293/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./293/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] close(3) = 0 [pid 5080] unlink("./293/binderfs" [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] close(3) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6580 ./strace-static-x86_64: Process 6580 attached [pid 6580] set_robust_list(0x555556d3f660, 24 [pid 5080] <... umount2 resumed>) = 0 [pid 6580] <... set_robust_list resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6581 [pid 6580] chdir("./297" [pid 5080] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6580] <... chdir resumed>) = 0 [pid 6580] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6581 attached ) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./293/file0", [pid 6581] set_robust_list(0x555556d3f660, 24) = 0 [pid 6580] setpgid(0, 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6580] <... setpgid resumed>) = 0 [pid 6581] chdir("./296" [pid 6580] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] umount2("./293/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6581] <... chdir resumed>) = 0 [pid 6581] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6580] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "./293/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6581] <... prctl resumed>) = 0 [pid 6581] setpgid(0, 0 [pid 6580] write(3, "1000", 4 [pid 5080] newfstatat(4, "", [pid 6580] <... write resumed>) = 4 [pid 6579] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6581] <... setpgid resumed>) = 0 [pid 6580] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6581] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6580] <... close resumed>) = 0 [pid 6581] <... openat resumed>) = 3 [pid 6580] symlink("/dev/binderfs", "./binderfs" [pid 5080] getdents64(4, [pid 6581] write(3, "1000", 4) = 4 [pid 6580] <... symlink resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6581] close(3 [pid 6580] memfd_create("syzkaller", 0 [ 291.371917][ T6578] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5080] getdents64(4, [pid 6581] <... close resumed>) = 0 [pid 6580] <... memfd_create resumed>) = 3 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6581] symlink("/dev/binderfs", "./binderfs" [pid 6580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6581] <... symlink resumed>) = 0 [pid 5080] close(4 [pid 6581] memfd_create("syzkaller", 0 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./293/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 6581] <... memfd_create resumed>) = 3 [pid 6581] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5080] rmdir("./293") = 0 [pid 5080] mkdir("./294", 0777) = 0 [pid 6578] <... mount resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6578] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6579] <... write resumed>) = 2097152 [pid 6578] <... openat resumed>) = 3 [pid 6579] munmap(0x7f3feae00000, 138412032 [pid 6578] chdir("./file0") = 0 [pid 6578] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6578] exit_group(0) = ? [pid 6578] +++ exited with 0 +++ [pid 6579] <... munmap resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6578, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6579] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] umount2("./298", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./298", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", [pid 6579] <... openat resumed>) = 4 [pid 6579] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 6580] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./298/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./298/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./298/binderfs") = 0 [pid 5078] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5078] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6579] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./298/file0", [pid 6579] close(3 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] close(3 [pid 5078] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6581] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6579] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6579] close(4 [pid 5078] openat(AT_FDCWD, "./298/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6579] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... openat resumed>) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 6579] mkdir("./file0", 0777 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6579] <... mkdir resumed>) = 0 [ 291.562587][ T6579] loop3: detected capacity change from 0 to 4096 [pid 5078] getdents64(4, ./strace-static-x86_64: Process 6582 attached [pid 6579] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6582 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 6582] set_robust_list(0x555556d3f660, 24) = 0 [pid 5078] rmdir("./298/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 6582] chdir("./294" [pid 5078] <... close resumed>) = 0 [pid 6582] <... chdir resumed>) = 0 [pid 5078] rmdir("./298" [pid 6582] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6582] setpgid(0, 0) = 0 [pid 6582] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6582] write(3, "1000", 4) = 4 [pid 6582] close(3 [pid 5078] <... rmdir resumed>) = 0 [pid 6582] <... close resumed>) = 0 [pid 6582] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] mkdir("./299", 0777 [pid 6582] memfd_create("syzkaller", 0 [pid 6580] <... write resumed>) = 2097152 [pid 5078] <... mkdir resumed>) = 0 [pid 6582] <... memfd_create resumed>) = 3 [pid 6582] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [ 291.624857][ T6579] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6580] munmap(0x7f3feae00000, 138412032 [pid 6581] <... write resumed>) = 2097152 [pid 6581] munmap(0x7f3feae00000, 138412032 [pid 6580] <... munmap resumed>) = 0 [pid 6581] <... munmap resumed>) = 0 [pid 6580] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6579] <... mount resumed>) = 0 [pid 6581] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6580] <... openat resumed>) = 4 [pid 6579] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6581] ioctl(4, LOOP_SET_FD, 3 [pid 6580] ioctl(4, LOOP_SET_FD, 3 [pid 6579] <... openat resumed>) = 3 [pid 6579] chdir("./file0") = 0 [pid 6579] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6580] <... ioctl resumed>) = 0 [pid 6580] close(3) = 0 [pid 6580] close(4) = 0 [pid 6579] exit_group(0) = ? [pid 6580] mkdir("./file0", 0777) = 0 [pid 6579] +++ exited with 0 +++ [pid 6580] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6579, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=10 /* 0.10 s */} --- [pid 6581] <... ioctl resumed>) = 0 [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./295", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... ioctl resumed>) = 0 [pid 6581] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./295", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [ 291.721897][ T6580] loop1: detected capacity change from 0 to 4096 [ 291.730555][ T6581] loop0: detected capacity change from 0 to 4096 [pid 5079] umount2("./295/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6582] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6581] <... close resumed>) = 0 [pid 5078] close(3 [pid 6581] close(4) = 0 [pid 5078] <... close resumed>) = 0 [pid 6581] mkdir("./file0", 0777 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] newfstatat(AT_FDCWD, "./295/binderfs", ./strace-static-x86_64: Process 6583 attached [pid 6581] <... mkdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6583] set_robust_list(0x555556d3f660, 24 [pid 6581] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6583 [pid 5079] unlink("./295/binderfs") = 0 [pid 5079] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6583] <... set_robust_list resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 6583] chdir("./299" [pid 5079] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6583] <... chdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6583] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5079] newfstatat(AT_FDCWD, "./295/file0", [pid 6583] setpgid(0, 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6583] <... setpgid resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./295/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6583] <... openat resumed>) = 3 [pid 5079] getdents64(4, [pid 6583] write(3, "1000", 4) = 4 [pid 6583] close(3 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6583] <... close resumed>) = 0 [pid 5079] close(4 [pid 6583] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... close resumed>) = 0 [pid 6583] <... symlink resumed>) = 0 [pid 5079] rmdir("./295/file0") = 0 [ 291.777200][ T6580] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 291.797654][ T6581] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 6583] memfd_create("syzkaller", 0) = 3 [pid 6581] <... mount resumed>) = 0 [pid 6583] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6581] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6583] <... mmap resumed>) = 0x7f3feae00000 [pid 6581] chdir("./file0") = 0 [pid 6581] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] rmdir("./295" [pid 6582] <... write resumed>) = 2097152 [pid 6581] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... rmdir resumed>) = 0 [pid 6582] munmap(0x7f3feae00000, 138412032 [pid 5079] mkdir("./296", 0777) = 0 [pid 6581] exit_group(0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6581] <... exit_group resumed>) = ? [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6581] +++ exited with 0 +++ [pid 6582] <... munmap resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6581, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5076] umount2("./296", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6582] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5076] openat(AT_FDCWD, "./296", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6582] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./296/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./296/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./296/binderfs") = 0 [pid 5076] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5076] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./296/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6582] <... ioctl resumed>) = 0 [pid 6580] <... mount resumed>) = 0 [pid 5076] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6582] close(3 [pid 6580] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6582] <... close resumed>) = 0 [pid 6582] close(4 [pid 6583] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6582] <... close resumed>) = 0 [pid 6580] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6582] mkdir("./file0", 0777 [pid 6580] chdir("./file0" [pid 5076] openat(AT_FDCWD, "./296/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 6582] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6582] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6580] <... chdir resumed>) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 6580] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... close resumed>) = 0 [pid 6580] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 291.910975][ T6582] loop4: detected capacity change from 0 to 4096 [pid 5076] rmdir("./296/file0" [pid 6580] exit_group(0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./296") = 0 [pid 6580] <... exit_group resumed>) = ? [pid 5076] mkdir("./297", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6580] +++ exited with 0 +++ [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6580, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] umount2("./297", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./297", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6584 attached [pid 5079] close(3 [pid 5077] getdents64(3, [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6584 [pid 6584] set_robust_list(0x555556d3f660, 24 [pid 5079] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6584] <... set_robust_list resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] umount2("./297/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6584] chdir("./297" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6584] <... chdir resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./297/binderfs", [ 291.968002][ T6582] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6584] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6584] <... prctl resumed>) = 0 [pid 6584] setpgid(0, 0 [pid 5077] unlink("./297/binderfs" [pid 6584] <... setpgid resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6585 [pid 5077] <... unlink resumed>) = 0 [pid 6584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6585 attached [pid 6584] <... openat resumed>) = 3 [pid 6585] set_robust_list(0x555556d3f660, 24 [pid 6584] write(3, "1000", 4) = 4 [pid 6584] close(3 [pid 6585] <... set_robust_list resumed>) = 0 [pid 6584] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6584] symlink("/dev/binderfs", "./binderfs" [pid 6585] chdir("./296" [pid 6584] <... symlink resumed>) = 0 [pid 6585] <... chdir resumed>) = 0 [pid 6585] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6584] memfd_create("syzkaller", 0 [pid 5077] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6585] setpgid(0, 0) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./297/file0", [pid 6585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./297/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6585] <... openat resumed>) = 3 [pid 5077] <... openat resumed>) = 4 [pid 5077] newfstatat(4, "", [pid 6585] write(3, "1000", 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6585] <... write resumed>) = 4 [pid 5077] getdents64(4, [pid 6585] close(3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6585] <... close resumed>) = 0 [pid 6585] symlink("/dev/binderfs", "./binderfs" [pid 6582] <... mount resumed>) = 0 [pid 5077] getdents64(4, [pid 6585] <... symlink resumed>) = 0 [pid 6584] <... memfd_create resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6584] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] close(4 [pid 6584] <... mmap resumed>) = 0x7f3feae00000 [pid 6582] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6585] memfd_create("syzkaller", 0) = 3 [pid 6583] <... write resumed>) = 2097152 [pid 6582] <... openat resumed>) = 3 [pid 5077] <... close resumed>) = 0 [pid 6585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6583] munmap(0x7f3feae00000, 138412032 [pid 6582] chdir("./file0" [pid 6585] <... mmap resumed>) = 0x7f3feae00000 [pid 6582] <... chdir resumed>) = 0 [pid 5077] rmdir("./297/file0") = 0 [pid 5077] getdents64(3, [pid 6582] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./297" [pid 6583] <... munmap resumed>) = 0 [pid 6582] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./298", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6582] exit_group(0 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6582] <... exit_group resumed>) = ? [pid 6583] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6582] +++ exited with 0 +++ [pid 6583] <... openat resumed>) = 4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6582, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 6583] ioctl(4, LOOP_SET_FD, 3 [pid 5080] umount2("./294", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./294", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 6584] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6583] <... ioctl resumed>) = 0 [pid 6583] close(3) = 0 [pid 6585] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6583] close(4 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./294/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./294/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./294/binderfs") = 0 [pid 5080] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6583] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [ 292.164828][ T6583] loop2: detected capacity change from 0 to 4096 [pid 6583] mkdir("./file0", 0777) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5080] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6583] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] newfstatat(AT_FDCWD, "./294/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6586 ./strace-static-x86_64: Process 6586 attached [pid 6586] set_robust_list(0x555556d3f660, 24) = 0 [pid 6586] chdir("./298") = 0 [pid 6586] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6586] setpgid(0, 0 [pid 5080] umount2("./294/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6586] <... setpgid resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6586] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] openat(AT_FDCWD, "./294/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6586] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 4 [pid 6586] write(3, "1000", 4) = 4 [pid 5080] newfstatat(4, "", [pid 6586] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6586] <... close resumed>) = 0 [pid 6586] symlink("/dev/binderfs", "./binderfs" [pid 5080] getdents64(4, [pid 6586] <... symlink resumed>) = 0 [pid 6585] <... write resumed>) = 2097152 [pid 6584] <... write resumed>) = 2097152 [pid 6585] munmap(0x7f3feae00000, 138412032) = 0 [pid 6584] munmap(0x7f3feae00000, 138412032 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6586] memfd_create("syzkaller", 0 [ 292.249264][ T6583] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5080] close(4 [pid 6584] <... munmap resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./294/file0" [pid 6584] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6585] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6584] <... openat resumed>) = 4 [pid 6586] <... memfd_create resumed>) = 3 [pid 6585] <... openat resumed>) = 4 [pid 6584] ioctl(4, LOOP_SET_FD, 3 [pid 6585] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... rmdir resumed>) = 0 [pid 6586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6584] <... ioctl resumed>) = 0 [pid 6586] <... mmap resumed>) = 0x7f3feae00000 [pid 6584] close(3 [pid 5080] getdents64(3, [pid 6584] <... close resumed>) = 0 [pid 6584] close(4 [pid 6585] <... ioctl resumed>) = 0 [pid 6584] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6584] mkdir("./file0", 0777 [pid 6585] close(3) = 0 [pid 6584] <... mkdir resumed>) = 0 [pid 6583] <... mount resumed>) = 0 [pid 5080] close(3 [pid 6585] close(4 [pid 5080] <... close resumed>) = 0 [pid 6585] <... close resumed>) = 0 [pid 5080] rmdir("./294" [pid 6585] mkdir("./file0", 0777 [pid 5080] <... rmdir resumed>) = 0 [pid 6585] <... mkdir resumed>) = 0 [pid 6584] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6583] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] mkdir("./295", 0777 [pid 6583] <... openat resumed>) = 3 [pid 5080] <... mkdir resumed>) = 0 [ 292.320798][ T6585] loop3: detected capacity change from 0 to 4096 [ 292.329614][ T6584] loop0: detected capacity change from 0 to 4096 [pid 6585] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6583] chdir("./file0" [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6583] <... chdir resumed>) = 0 [pid 6583] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6583] exit_group(0) = ? [pid 6583] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6583, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5078] umount2("./299", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./299", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./299/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./299/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./299/binderfs") = 0 [pid 5078] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [ 292.373745][ T6584] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 292.374385][ T6585] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5078] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./299/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./299/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] getdents64(4, [pid 5080] close(3 [pid 6586] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./299/file0" [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6587 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3./strace-static-x86_64: Process 6587 attached [pid 6585] <... mount resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6587] set_robust_list(0x555556d3f660, 24 [pid 6585] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] rmdir("./299" [pid 6585] <... openat resumed>) = 3 [pid 6585] chdir("./file0" [pid 6587] <... set_robust_list resumed>) = 0 [pid 6585] <... chdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6587] chdir("./295" [pid 6585] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6584] <... mount resumed>) = 0 [pid 5078] mkdir("./300", 0777 [pid 6587] <... chdir resumed>) = 0 [pid 6585] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6587] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6585] exit_group(0 [pid 6584] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... mkdir resumed>) = 0 [pid 6587] <... prctl resumed>) = 0 [pid 6585] <... exit_group resumed>) = ? [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6587] setpgid(0, 0 [pid 6585] +++ exited with 0 +++ [pid 6584] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 6587] <... setpgid resumed>) = 0 [pid 6584] chdir("./file0" [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6585, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6584] <... chdir resumed>) = 0 [pid 6587] <... openat resumed>) = 3 [pid 6584] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6587] write(3, "1000", 4 [pid 6586] <... write resumed>) = 2097152 [pid 6584] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6587] <... write resumed>) = 4 [pid 6586] munmap(0x7f3feae00000, 138412032 [pid 6584] exit_group(0 [pid 6587] close(3 [pid 6584] <... exit_group resumed>) = ? [pid 6587] <... close resumed>) = 0 [pid 6587] symlink("/dev/binderfs", "./binderfs" [pid 5079] umount2("./296", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6584] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6587] <... symlink resumed>) = 0 [pid 6586] <... munmap resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./296", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6586] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... openat resumed>) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6584, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5079] newfstatat(3, "", [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 6586] <... openat resumed>) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [pid 6586] ioctl(4, LOOP_SET_FD, 3 [pid 5079] getdents64(3, [pid 6587] memfd_create("syzkaller", 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./297", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./297", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./297/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./297/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./297/binderfs" [pid 5079] umount2("./296/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6587] <... memfd_create resumed>) = 3 [pid 6586] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6586] close(3 [pid 5079] newfstatat(AT_FDCWD, "./296/binderfs", [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6586] <... close resumed>) = 0 [pid 6586] close(4) = 0 [pid 5079] unlink("./296/binderfs" [pid 6586] mkdir("./file0", 0777) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 6586] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5076] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./297/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./297/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./297/file0") = 0 [pid 5076] getdents64(3, [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./297") = 0 [ 292.567101][ T6586] loop1: detected capacity change from 0 to 4096 [ 292.598326][ T6586] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] mkdir("./298", 0777 [pid 5079] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... close resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] newfstatat(AT_FDCWD, "./296/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./296/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... openat resumed>) = 4 ./strace-static-x86_64: Process 6588 attached [pid 6588] set_robust_list(0x555556d3f660, 24 [pid 6586] <... mount resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6588 [pid 5076] <... openat resumed>) = 3 [pid 6586] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6588] <... set_robust_list resumed>) = 0 [pid 6588] chdir("./300" [pid 6587] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6586] chdir("./file0") = 0 [pid 6588] <... chdir resumed>) = 0 [pid 6586] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6588] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6586] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6588] <... prctl resumed>) = 0 [pid 6586] exit_group(0 [pid 5079] getdents64(4, [pid 6588] setpgid(0, 0 [pid 6586] <... exit_group resumed>) = ? [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./296/file0") = 0 [pid 6586] +++ exited with 0 +++ [pid 5079] getdents64(3, [pid 6588] <... setpgid resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./296") = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6586, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5079] mkdir("./297", 0777 [pid 5077] umount2("./298", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... mkdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./298", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] newfstatat(3, "", [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6588] <... openat resumed>) = 3 [pid 6588] write(3, "1000", 4 [pid 5079] <... openat resumed>) = 3 [pid 5077] getdents64(3, [pid 6588] <... write resumed>) = 4 [pid 6588] close(3) = 0 [pid 6587] <... write resumed>) = 2097152 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6588] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6588] <... symlink resumed>) = 0 [pid 5077] umount2("./298/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6588] memfd_create("syzkaller", 0 [pid 6587] munmap(0x7f3feae00000, 138412032 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./298/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./298/binderfs") = 0 [pid 5077] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6588] <... memfd_create resumed>) = 3 [pid 6587] <... munmap resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6587] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... close resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./298/file0", [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6588] <... mmap resumed>) = 0x7f3feae00000 [pid 6587] <... openat resumed>) = 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6587] ioctl(4, LOOP_SET_FD, 3 [pid 5077] openat(AT_FDCWD, "./298/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6589 attached ) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./298/file0") = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6589 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./298") = 0 [pid 5077] mkdir("./299", 0777) = 0 [pid 6589] set_robust_list(0x555556d3f660, 24) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6587] <... ioctl resumed>) = 0 [pid 6587] close(3) = 0 [pid 6587] close(4) = 0 [pid 6587] mkdir("./file0", 0777) = 0 [pid 6587] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5079] <... ioctl resumed>) = 0 [pid 6589] chdir("./298") = 0 [pid 5079] close(3) = 0 [ 292.787142][ T6587] loop4: detected capacity change from 0 to 4096 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6589] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6590 [pid 6589] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 6590 attached [pid 6590] set_robust_list(0x555556d3f660, 24) = 0 [pid 6590] chdir("./297") = 0 [pid 6590] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6590] setpgid(0, 0) = 0 [pid 6589] setpgid(0, 0) = 0 [pid 6590] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6589] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6589] write(3, "1000", 4) = 4 [pid 6589] close(3) = 0 [pid 6589] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6590] <... openat resumed>) = 3 [pid 6590] write(3, "1000", 4 [pid 6589] memfd_create("syzkaller", 0 [pid 6590] <... write resumed>) = 4 [pid 6589] <... memfd_create resumed>) = 3 [pid 6590] close(3 [pid 6589] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6588] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6589] <... mmap resumed>) = 0x7f3feae00000 [pid 6590] <... close resumed>) = 0 [pid 6590] symlink("/dev/binderfs", "./binderfs") = 0 [ 292.836369][ T6587] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6590] memfd_create("syzkaller", 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6590] <... memfd_create resumed>) = 3 [pid 6590] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6591 attached , child_tidptr=0x555556d3f650) = 6591 [pid 6591] set_robust_list(0x555556d3f660, 24) = 0 [pid 6591] chdir("./299") = 0 [pid 6591] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6591] setpgid(0, 0) = 0 [pid 6591] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6591] write(3, "1000", 4) = 4 [pid 6591] close(3) = 0 [pid 6588] <... write resumed>) = 2097152 [pid 6591] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6588] munmap(0x7f3feae00000, 138412032 [pid 6589] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6590] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6591] memfd_create("syzkaller", 0 [pid 6587] <... mount resumed>) = 0 [pid 6588] <... munmap resumed>) = 0 [pid 6588] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6587] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6591] <... memfd_create resumed>) = 3 [pid 6588] <... openat resumed>) = 4 [pid 6587] <... openat resumed>) = 3 [pid 6591] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6588] ioctl(4, LOOP_SET_FD, 3 [pid 6587] chdir("./file0") = 0 [pid 6587] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6591] <... mmap resumed>) = 0x7f3feae00000 [pid 6587] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6590] <... write resumed>) = 2097152 [pid 6587] exit_group(0) = ? [pid 6590] munmap(0x7f3feae00000, 138412032 [pid 6589] <... write resumed>) = 2097152 [pid 6587] +++ exited with 0 +++ [pid 6588] <... ioctl resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6587, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6588] close(3 [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 6588] <... close resumed>) = 0 [pid 6588] close(4 [pid 6590] <... munmap resumed>) = 0 [pid 6588] <... close resumed>) = 0 [pid 6589] munmap(0x7f3feae00000, 138412032 [pid 6590] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6588] mkdir("./file0", 0777 [pid 5080] <... restart_syscall resumed>) = 0 [pid 6590] <... openat resumed>) = 4 [pid 6589] <... munmap resumed>) = 0 [pid 6590] ioctl(4, LOOP_SET_FD, 3 [pid 6588] <... mkdir resumed>) = 0 [pid 6588] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [ 293.023361][ T6588] loop2: detected capacity change from 0 to 4096 [pid 5080] umount2("./295", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6591] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6589] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./295", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", [pid 6590] <... ioctl resumed>) = 0 [pid 6589] <... openat resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6590] close(3) = 0 [pid 6590] close(4) = 0 [pid 6589] ioctl(4, LOOP_SET_FD, 3 [pid 5080] getdents64(3, [pid 6590] mkdir("./file0", 0777 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [ 293.081560][ T6590] loop3: detected capacity change from 0 to 4096 [ 293.094291][ T6588] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6590] <... mkdir resumed>) = 0 [pid 6591] <... write resumed>) = 2097152 [pid 6589] <... ioctl resumed>) = 0 [pid 5080] umount2("./295/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6590] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6591] munmap(0x7f3feae00000, 138412032 [pid 6589] close(3 [pid 5080] newfstatat(AT_FDCWD, "./295/binderfs", [pid 6589] <... close resumed>) = 0 [pid 6589] close(4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6589] <... close resumed>) = 0 [pid 5080] unlink("./295/binderfs" [pid 6589] mkdir("./file0", 0777 [pid 5080] <... unlink resumed>) = 0 [pid 5080] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6589] <... mkdir resumed>) = 0 [pid 6589] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6591] <... munmap resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 6591] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./295/file0", [pid 6591] <... openat resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6591] ioctl(4, LOOP_SET_FD, 3 [ 293.123003][ T6589] loop0: detected capacity change from 0 to 4096 [ 293.135509][ T6590] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 293.161472][ T6589] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5080] umount2("./295/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6590] <... mount resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./295/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6590] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] newfstatat(4, "", [pid 6590] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6590] chdir("./file0" [pid 5080] getdents64(4, [pid 6590] <... chdir resumed>) = 0 [pid 6591] <... ioctl resumed>) = 0 [pid 6590] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6590] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6590] exit_group(0) = ? [pid 6590] +++ exited with 0 +++ [pid 6591] close(3 [pid 5080] getdents64(4, [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6590, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 6591] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6591] close(4 [ 293.182343][ T6591] loop1: detected capacity change from 0 to 4096 [pid 5080] close(4 [pid 6591] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] umount2("./297", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6591] mkdir("./file0", 0777 [pid 5080] rmdir("./295/file0" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./297", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./297/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./297/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] getdents64(3, [pid 5079] unlink("./297/binderfs" [pid 6588] <... mount resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] close(3) = 0 [pid 5080] rmdir("./295" [pid 5079] <... umount2 resumed>) = 0 [pid 6588] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... rmdir resumed>) = 0 [pid 5079] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6588] <... openat resumed>) = 3 [pid 5080] mkdir("./296", 0777 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6588] chdir("./file0" [pid 5080] <... mkdir resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./297/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6591] <... mkdir resumed>) = 0 [pid 6588] <... chdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6588] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6591] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6588] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6588] exit_group(0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] openat(AT_FDCWD, "./297/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6588] <... exit_group resumed>) = ? [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 6588] +++ exited with 0 +++ [pid 5079] <... close resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6588, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6589] <... mount resumed>) = 0 [pid 5079] rmdir("./297/file0" [pid 6589] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... rmdir resumed>) = 0 [pid 6589] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 6589] chdir("./file0" [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6589] <... chdir resumed>) = 0 [pid 5079] close(3 [pid 6589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5079] <... close resumed>) = 0 [pid 5078] umount2("./300", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6589] exit_group(0 [pid 5079] rmdir("./297" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6589] <... exit_group resumed>) = ? [pid 5078] openat(AT_FDCWD, "./300", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6589] +++ exited with 0 +++ [pid 5079] <... rmdir resumed>) = 0 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6589, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] getdents64(3, [pid 5079] mkdir("./298", 0777 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./300/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./298", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... mkdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] openat(AT_FDCWD, "./298", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... openat resumed>) = 3 [pid 5078] newfstatat(AT_FDCWD, "./300/binderfs", [pid 5076] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./300/binderfs") = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5078] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./298/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 293.299930][ T6591] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5076] newfstatat(AT_FDCWD, "./298/binderfs", [pid 5078] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./300/file0", [pid 5076] unlink("./298/binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./300/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] close(4 [pid 5080] close(3 [pid 5078] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5078] rmdir("./300/file0" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5078] getdents64(3, ./strace-static-x86_64: Process 6592 attached 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6592] set_robust_list(0x555556d3f660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6592 [pid 6592] <... set_robust_list resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./298/file0", [pid 6592] chdir("./296" [pid 5078] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6592] <... chdir resumed>) = 0 [pid 6592] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6592] <... prctl resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6592] setpgid(0, 0 [pid 5076] openat(AT_FDCWD, "./298/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] rmdir("./300" [pid 5076] <... openat resumed>) = 4 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 6592] <... setpgid resumed>) = 0 [pid 5078] mkdir("./301", 0777 [pid 6592] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6592] <... openat resumed>) = 3 [pid 6591] <... mount resumed>) = 0 [pid 5079] close(3 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6592] write(3, "1000", 4 [pid 6591] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... close resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5076] getdents64(4, [pid 6592] <... write resumed>) = 4 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6592] close(3 [pid 6591] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] getdents64(4, [pid 6592] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6592] symlink("/dev/binderfs", "./binderfs" [pid 6591] chdir("./file0" [pid 5076] close(4./strace-static-x86_64: Process 6593 attached [pid 6592] <... symlink resumed>) = 0 [pid 6591] <... chdir resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6593 [pid 5076] <... close resumed>) = 0 [pid 6593] set_robust_list(0x555556d3f660, 24 [pid 6592] memfd_create("syzkaller", 0 [pid 6591] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] rmdir("./298/file0" [pid 6592] <... memfd_create resumed>) = 3 [pid 6591] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... rmdir resumed>) = 0 [pid 6593] <... set_robust_list resumed>) = 0 [pid 6592] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] getdents64(3, [pid 6591] exit_group(0 [pid 6593] chdir("./298" [pid 6592] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./298") = 0 [pid 6593] <... chdir resumed>) = 0 [pid 5076] mkdir("./299", 0777 [pid 6593] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6591] <... exit_group resumed>) = ? [pid 6593] <... prctl resumed>) = 0 [pid 6591] +++ exited with 0 +++ [pid 6593] setpgid(0, 0) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6591, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5076] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 6593] <... openat resumed>) = 3 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] umount2("./299", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./299", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6593] write(3, "1000", 4 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6593] <... write resumed>) = 4 [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./299/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./299/binderfs", [pid 6593] close(3) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6593] symlink("/dev/binderfs", "./binderfs" [pid 5077] unlink("./299/binderfs" [pid 6593] <... symlink resumed>) = 0 [pid 6593] memfd_create("syzkaller", 0 [pid 5077] <... unlink resumed>) = 0 [pid 6593] <... memfd_create resumed>) = 3 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6593] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./299/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./299/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./299/file0") = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./299") = 0 [pid 5077] mkdir("./300", 0777./strace-static-x86_64: Process 6594 attached [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6594 [pid 5077] <... mkdir resumed>) = 0 [pid 6594] set_robust_list(0x555556d3f660, 24 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6594] <... set_robust_list resumed>) = 0 [pid 6594] chdir("./301" [pid 5076] <... ioctl resumed>) = 0 [pid 6594] <... chdir resumed>) = 0 [pid 6594] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6592] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6594] <... prctl resumed>) = 0 [pid 6594] setpgid(0, 0) = 0 [pid 6594] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] close(3 [pid 6594] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6594] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 6595 attached [pid 6594] close(3 [pid 6595] set_robust_list(0x555556d3f660, 24 [pid 6594] <... close resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6595 [pid 6595] <... set_robust_list resumed>) = 0 [pid 6594] symlink("/dev/binderfs", "./binderfs" [pid 6595] chdir("./299") = 0 [pid 6595] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6594] <... symlink resumed>) = 0 [pid 6595] <... prctl resumed>) = 0 [pid 6595] setpgid(0, 0) = 0 [pid 6595] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6595] write(3, "1000", 4 [pid 6594] memfd_create("syzkaller", 0 [pid 6592] <... write resumed>) = 2097152 [pid 6595] <... write resumed>) = 4 [pid 6595] close(3 [pid 6593] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6595] <... close resumed>) = 0 [pid 6594] <... memfd_create resumed>) = 3 [pid 6592] munmap(0x7f3feae00000, 138412032 [pid 6595] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6594] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6595] memfd_create("syzkaller", 0) = 3 [pid 6594] <... mmap resumed>) = 0x7f3feae00000 [pid 6592] <... munmap resumed>) = 0 [pid 6595] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6592] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6592] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... ioctl resumed>) = 0 [pid 6592] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6593] <... write resumed>) = 2097152 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6596 [pid 6592] close(3 [pid 6593] munmap(0x7f3feae00000, 138412032 [pid 6592] <... close resumed>) = 0 ./strace-static-x86_64: Process 6596 attached [pid 6592] close(4 [pid 6596] set_robust_list(0x555556d3f660, 24 [pid 6592] <... close resumed>) = 0 [pid 6596] <... set_robust_list resumed>) = 0 [pid 6592] mkdir("./file0", 0777 [pid 6596] chdir("./300" [pid 6594] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6593] <... munmap resumed>) = 0 [pid 6596] <... chdir resumed>) = 0 [pid 6596] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6596] setpgid(0, 0) = 0 [pid 6596] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6593] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6592] <... mkdir resumed>) = 0 [pid 6593] <... openat resumed>) = 4 [ 293.680533][ T6592] loop4: detected capacity change from 0 to 4096 [pid 6593] ioctl(4, LOOP_SET_FD, 3 [pid 6592] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6596] write(3, "1000", 4) = 4 [pid 6596] close(3) = 0 [pid 6596] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6595] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6596] memfd_create("syzkaller", 0) = 3 [pid 6596] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6593] <... ioctl resumed>) = 0 [pid 6593] close(3) = 0 [pid 6593] close(4) = 0 [pid 6593] mkdir("./file0", 0777) = 0 [ 293.726497][ T6593] loop3: detected capacity change from 0 to 4096 [ 293.740562][ T6592] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6593] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6594] <... write resumed>) = 2097152 [ 293.773335][ T6593] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6594] munmap(0x7f3feae00000, 138412032 [pid 6592] <... mount resumed>) = 0 [pid 6594] <... munmap resumed>) = 0 [pid 6592] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6594] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6592] <... openat resumed>) = 3 [pid 6592] chdir("./file0" [pid 6594] <... openat resumed>) = 4 [pid 6592] <... chdir resumed>) = 0 [pid 6594] ioctl(4, LOOP_SET_FD, 3 [pid 6592] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6596] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6595] <... write resumed>) = 2097152 [pid 6594] <... ioctl resumed>) = 0 [pid 6592] exit_group(0 [pid 6595] munmap(0x7f3feae00000, 138412032 [pid 6592] <... exit_group resumed>) = ? [pid 6594] close(3 [pid 6592] +++ exited with 0 +++ [pid 6594] <... close resumed>) = 0 [pid 6594] close(4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6592, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=7 /* 0.07 s */} --- [pid 6594] <... close resumed>) = 0 [pid 6594] mkdir("./file0", 0777 [pid 6595] <... munmap resumed>) = 0 [pid 6595] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] umount2("./296", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6594] <... mkdir resumed>) = 0 [ 293.856758][ T6594] loop2: detected capacity change from 0 to 4096 [pid 6595] <... openat resumed>) = 4 [pid 6594] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6593] <... mount resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./296", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6595] ioctl(4, LOOP_SET_FD, 3 [pid 6593] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] newfstatat(3, "", [pid 6593] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./296/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6593] chdir("./file0" [pid 5080] newfstatat(AT_FDCWD, "./296/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./296/binderfs") = 0 [pid 6593] <... chdir resumed>) = 0 [pid 6593] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6595] <... ioctl resumed>) = 0 [pid 6595] close(3 [pid 6593] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6595] <... close resumed>) = 0 [pid 6593] exit_group(0 [pid 5080] <... umount2 resumed>) = 0 [pid 6593] <... exit_group resumed>) = ? [pid 6595] close(4) = 0 [ 293.904874][ T6594] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 293.911650][ T6595] loop0: detected capacity change from 0 to 4096 [pid 6595] mkdir("./file0", 0777) = 0 [pid 6595] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5080] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./296/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./296/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./296/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6593] +++ exited with 0 +++ [pid 5080] newfstatat(4, "", [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6593, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 6596] <... write resumed>) = 2097152 [pid 6594] <... mount resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6596] munmap(0x7f3feae00000, 138412032 [pid 5079] umount2("./298", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] getdents64(4, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6594] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "./298", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6594] <... openat resumed>) = 3 [pid 6596] <... munmap resumed>) = 0 [pid 6594] chdir("./file0" [pid 5080] getdents64(4, [pid 5079] <... openat resumed>) = 3 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 6594] <... chdir resumed>) = 0 [pid 5080] rmdir("./296/file0" [pid 5079] newfstatat(3, "", [pid 6596] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6594] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6594] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] getdents64(3, [pid 5079] getdents64(3, [pid 6596] <... openat resumed>) = 4 [pid 6594] exit_group(0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [ 293.977611][ T6595] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6596] ioctl(4, LOOP_SET_FD, 3 [pid 6594] <... exit_group resumed>) = ? [pid 5080] close(3 [pid 5079] umount2("./298/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6596] <... ioctl resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] rmdir("./296" [pid 5079] newfstatat(AT_FDCWD, "./298/binderfs", [pid 6596] close(3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6596] <... close resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6596] close(4 [pid 5080] mkdir("./297", 0777 [pid 5079] unlink("./298/binderfs" [pid 6596] <... close resumed>) = 0 [pid 6596] mkdir("./file0", 0777 [pid 5079] <... unlink resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 6596] <... mkdir resumed>) = 0 [pid 5079] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6596] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6594] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6594, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] umount2("./301", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... openat resumed>) = 3 [pid 5078] openat(AT_FDCWD, "./301", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] newfstatat(AT_FDCWD, "./298/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] getdents64(3, [pid 5079] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./298/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] umount2("./301/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./301/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./301/binderfs") = 0 [pid 5079] getdents64(4, [pid 5078] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./301/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./301/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 5078] getdents64(4, [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] close(4) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./301/file0" [pid 5079] rmdir("./298/file0" [pid 6595] <... mount resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [ 294.027113][ T6596] loop1: detected capacity change from 0 to 4096 [ 294.054884][ T6596] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6595] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] getdents64(3, [pid 5078] <... rmdir resumed>) = 0 [pid 6595] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6595] chdir("./file0" [pid 5079] close(3 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./301" [pid 6595] <... chdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6595] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] rmdir("./298" [pid 6595] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... rmdir resumed>) = 0 [pid 6595] exit_group(0 [pid 5078] mkdir("./302", 0777 [pid 5079] mkdir("./299", 0777 [pid 5078] <... mkdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3 [pid 5079] <... mkdir resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6595] <... exit_group resumed>) = ? [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6597 ./strace-static-x86_64: Process 6597 attached [pid 6597] set_robust_list(0x555556d3f660, 24) = 0 [pid 6597] chdir("./297" [pid 6595] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6595, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6597] <... chdir resumed>) = 0 [pid 6597] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] umount2("./299", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6597] <... prctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./299", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6597] setpgid(0, 0) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6596] <... mount resumed>) = 0 [pid 5076] newfstatat(3, "", [pid 6596] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6597] <... openat resumed>) = 3 [pid 6596] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6597] write(3, "1000", 4 [pid 6596] chdir("./file0" [pid 6597] <... write resumed>) = 4 [pid 6596] <... chdir resumed>) = 0 [pid 5076] getdents64(3, [pid 6597] close(3 [pid 6596] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6597] <... close resumed>) = 0 [pid 6596] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6597] symlink("/dev/binderfs", "./binderfs" [pid 5076] umount2("./299/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6597] <... symlink resumed>) = 0 [pid 6596] exit_group(0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./299/binderfs", [pid 6596] <... exit_group resumed>) = ? [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./299/binderfs") = 0 [pid 5076] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6597] memfd_create("syzkaller", 0 [pid 6596] +++ exited with 0 +++ [pid 5076] <... umount2 resumed>) = 0 [pid 6597] <... memfd_create resumed>) = 3 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6596, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5076] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6597] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./299/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./300", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./299/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] openat(AT_FDCWD, "./300", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... openat resumed>) = 4 [pid 5077] <... openat resumed>) = 3 [pid 5076] newfstatat(4, "", [pid 5079] <... ioctl resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5077] getdents64(3, [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] getdents64(4, [pid 5077] umount2("./300/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./299/file0" [pid 5077] newfstatat(AT_FDCWD, "./300/binderfs", [pid 5076] <... rmdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(3, [pid 5077] unlink("./300/binderfs" [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5079] close(3 [pid 5077] <... unlink resumed>) = 0 [pid 5076] close(3 [pid 5077] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] rmdir("./299") = 0 [pid 5076] mkdir("./300", 0777./strace-static-x86_64: Process 6598 attached ) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6598 [pid 5078] close(3 [pid 6598] set_robust_list(0x555556d3f660, 24 [pid 5078] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 6598] <... set_robust_list resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6599 attached [pid 6598] chdir("./299" [pid 6597] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6599] set_robust_list(0x555556d3f660, 24 [pid 6598] <... chdir resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6599 [pid 6599] <... set_robust_list resumed>) = 0 [pid 6598] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6599] chdir("./302" [pid 6598] <... prctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./300/file0", [pid 6599] <... chdir resumed>) = 0 [pid 6599] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6598] setpgid(0, 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6599] <... prctl resumed>) = 0 [pid 5077] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6598] <... setpgid resumed>) = 0 [pid 6598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6599] setpgid(0, 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6599] <... setpgid resumed>) = 0 [pid 6598] <... openat resumed>) = 3 [pid 5077] openat(AT_FDCWD, "./300/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6598] write(3, "1000", 4 [pid 5077] <... openat resumed>) = 4 [pid 6599] <... openat resumed>) = 3 [pid 6598] <... write resumed>) = 4 [pid 5077] newfstatat(4, "", [pid 6599] write(3, "1000", 4 [pid 6598] close(3 [pid 6599] <... write resumed>) = 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6598] <... close resumed>) = 0 [pid 6599] close(3 [pid 5077] getdents64(4, [pid 6599] <... close resumed>) = 0 [pid 6598] symlink("/dev/binderfs", "./binderfs" [pid 6599] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6599] <... symlink resumed>) = 0 [pid 6598] <... symlink resumed>) = 0 [pid 6597] <... write resumed>) = 2097152 [pid 5077] getdents64(4, [pid 6599] memfd_create("syzkaller", 0 [pid 6598] memfd_create("syzkaller", 0 [pid 6597] munmap(0x7f3feae00000, 138412032 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./300/file0") = 0 [pid 6599] <... memfd_create resumed>) = 3 [pid 6599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6598] <... memfd_create resumed>) = 3 [pid 6599] <... mmap resumed>) = 0x7f3feae00000 [pid 6598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 6597] <... munmap resumed>) = 0 [pid 5077] rmdir("./300") = 0 [pid 5077] mkdir("./301", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6597] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... ioctl resumed>) = 0 [pid 6597] <... openat resumed>) = 4 [pid 6597] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6600 ./strace-static-x86_64: Process 6600 attached [pid 6600] set_robust_list(0x555556d3f660, 24) = 0 [pid 6600] chdir("./300") = 0 [pid 6600] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6600] setpgid(0, 0) = 0 [pid 6600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6597] close(3 [pid 6600] <... openat resumed>) = 3 [pid 6597] <... close resumed>) = 0 [pid 6597] close(4) = 0 [pid 6597] mkdir("./file0", 0777) = 0 [pid 6600] write(3, "1000", 4 [pid 6597] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6600] <... write resumed>) = 4 [pid 6600] close(3) = 0 [ 294.351549][ T6597] loop4: detected capacity change from 0 to 4096 [pid 6600] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6600] memfd_create("syzkaller", 0) = 3 [pid 6600] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 294.419240][ T6597] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6598] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6601 ./strace-static-x86_64: Process 6601 attached [pid 6599] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6601] set_robust_list(0x555556d3f660, 24) = 0 [pid 6601] chdir("./301") = 0 [pid 6601] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6601] setpgid(0, 0) = 0 [pid 6601] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6601] write(3, "1000", 4) = 4 [pid 6601] close(3 [pid 6597] <... mount resumed>) = 0 [pid 6601] <... close resumed>) = 0 [pid 6601] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6601] memfd_create("syzkaller", 0 [pid 6597] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6597] chdir("./file0") = 0 [pid 6597] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6597] exit_group(0 [pid 6601] <... memfd_create resumed>) = 3 [pid 6601] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6597] <... exit_group resumed>) = ? [pid 6597] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6597, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5080] umount2("./297", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./297", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", [pid 6598] <... write resumed>) = 2097152 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6598] munmap(0x7f3feae00000, 138412032 [pid 5080] getdents64(3, [pid 6599] <... write resumed>) = 2097152 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./297/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./297/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./297/binderfs") = 0 [pid 5080] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6598] <... munmap resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 6598] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6599] munmap(0x7f3feae00000, 138412032 [pid 6598] <... openat resumed>) = 4 [pid 6598] ioctl(4, LOOP_SET_FD, 3 [pid 5080] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6600] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6599] <... munmap resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./297/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./297/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./297/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6601] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6599] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6598] <... ioctl resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 6599] <... openat resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6599] ioctl(4, LOOP_SET_FD, 3 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6598] close(3) = 0 [pid 6598] close(4) = 0 [pid 6598] mkdir("./file0", 0777) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6598] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] close(4) = 0 [pid 5080] rmdir("./297/file0" [pid 6599] <... ioctl resumed>) = 0 [pid 6599] close(3 [pid 5080] <... rmdir resumed>) = 0 [pid 6599] <... close resumed>) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [ 294.591424][ T6598] loop3: detected capacity change from 0 to 4096 [ 294.610129][ T6599] loop2: detected capacity change from 0 to 4096 [pid 5080] close(3 [pid 6599] close(4 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./297" [pid 6599] <... close resumed>) = 0 [pid 6599] mkdir("./file0", 0777 [pid 6600] <... write resumed>) = 2097152 [pid 6599] <... mkdir resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 6600] munmap(0x7f3feae00000, 138412032 [pid 5080] mkdir("./298", 0777 [pid 6599] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6601] <... write resumed>) = 2097152 [pid 6600] <... munmap resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6601] munmap(0x7f3feae00000, 138412032 [ 294.637837][ T6598] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 294.674417][ T6599] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6600] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... openat resumed>) = 3 [pid 6600] <... openat resumed>) = 4 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6600] ioctl(4, LOOP_SET_FD, 3 [pid 6601] <... munmap resumed>) = 0 [pid 6601] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6599] <... mount resumed>) = 0 [pid 6599] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6601] <... openat resumed>) = 4 [pid 6601] ioctl(4, LOOP_SET_FD, 3 [pid 6599] <... openat resumed>) = 3 [pid 6599] chdir("./file0") = 0 [pid 6599] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6599] exit_group(0) = ? [pid 6600] <... ioctl resumed>) = 0 [pid 6600] close(3) = 0 [pid 6600] close(4) = 0 [pid 6600] mkdir("./file0", 0777) = 0 [pid 6599] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6599, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 6600] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5078] <... restart_syscall resumed>) = 0 [ 294.716320][ T6600] loop0: detected capacity change from 0 to 4096 [ 294.733783][ T6601] loop1: detected capacity change from 0 to 4096 [pid 6601] <... ioctl resumed>) = 0 [pid 6601] close(3) = 0 [pid 6601] close(4) = 0 [pid 5078] umount2("./302", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6601] mkdir("./file0", 0777 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./302", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6601] <... mkdir resumed>) = 0 [pid 5078] newfstatat(3, "", [pid 6601] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./302/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./302/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./302/binderfs") = 0 [pid 5078] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5078] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./302/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6598] <... mount resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6598] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] openat(AT_FDCWD, "./302/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6598] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 4 [pid 5080] close(3 [pid 6598] chdir("./file0") = 0 [pid 5080] <... close resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 6598] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6598] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] getdents64(4, [pid 6598] exit_group(0) = ? [ 294.763486][ T6600] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 294.786474][ T6601] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6602 attached [pid 5078] close(4) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6602 [pid 6602] set_robust_list(0x555556d3f660, 24 [pid 5078] rmdir("./302/file0" [pid 6602] <... set_robust_list resumed>) = 0 [pid 6602] chdir("./298" [pid 5078] <... rmdir resumed>) = 0 [pid 6602] <... chdir resumed>) = 0 [pid 6602] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] getdents64(3, [pid 6602] <... prctl resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6602] setpgid(0, 0) = 0 [pid 5078] close(3 [pid 6602] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6598] +++ exited with 0 +++ [pid 5078] <... close resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6598, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5078] rmdir("./302" [pid 6602] <... openat resumed>) = 3 [pid 5079] umount2("./299", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... rmdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6602] write(3, "1000", 4 [pid 5079] openat(AT_FDCWD, "./299", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6602] <... write resumed>) = 4 [pid 5079] <... openat resumed>) = 3 [pid 5078] mkdir("./303", 0777 [pid 6602] close(3 [pid 5079] newfstatat(3, "", [pid 5078] <... mkdir resumed>) = 0 [pid 6602] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6602] symlink("/dev/binderfs", "./binderfs" [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6602] <... symlink resumed>) = 0 [pid 5079] umount2("./299/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6602] memfd_create("syzkaller", 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5079] newfstatat(AT_FDCWD, "./299/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] unlink("./299/binderfs" [pid 5078] <... ioctl resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5078] close(3 [pid 5079] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... close resumed>) = 0 [pid 6602] <... memfd_create resumed>) = 3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6602] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... umount2 resumed>) = 0 [pid 6602] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6603 [pid 5079] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6603 attached [pid 6600] <... mount resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6603] set_robust_list(0x555556d3f660, 24) = 0 [pid 6603] chdir("./303" [pid 5079] newfstatat(AT_FDCWD, "./299/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6603] <... chdir resumed>) = 0 [pid 5079] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6600] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6600] chdir("./file0") = 0 [pid 6600] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6603] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6600] exit_group(0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6603] <... prctl resumed>) = 0 [pid 6600] <... exit_group resumed>) = ? [pid 5079] openat(AT_FDCWD, "./299/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6603] setpgid(0, 0 [pid 6600] +++ exited with 0 +++ [pid 5079] <... openat resumed>) = 4 [pid 6603] <... setpgid resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6600, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=6 /* 0.06 s */} --- [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] getdents64(4, [pid 6603] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6603] write(3, "1000", 4) = 4 [pid 6603] close(3 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6603] <... close resumed>) = 0 [pid 5079] close(4 [pid 5076] umount2("./300", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6603] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6603] <... symlink resumed>) = 0 [pid 5079] rmdir("./299/file0" [pid 5076] openat(AT_FDCWD, "./300", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6603] memfd_create("syzkaller", 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6603] <... memfd_create resumed>) = 3 [pid 6603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] umount2("./300/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6603] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] getdents64(3, [pid 5076] newfstatat(AT_FDCWD, "./300/binderfs", [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./299") = 0 [pid 5076] unlink("./300/binderfs") = 0 [pid 5076] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5079] mkdir("./300", 0777) = 0 [pid 5076] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6601] <... mount resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6601] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6601] chdir("./file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6601] <... chdir resumed>) = 0 [pid 6601] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5076] newfstatat(AT_FDCWD, "./300/file0", [pid 6601] exit_group(0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6601] <... exit_group resumed>) = ? [pid 5076] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6601] +++ exited with 0 +++ [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6601, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5076] openat(AT_FDCWD, "./300/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] umount2("./301", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(4, "", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6602] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] openat(AT_FDCWD, "./301", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] getdents64(4, [pid 5077] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5077] getdents64(3, [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] close(4) = 0 [pid 5077] umount2("./301/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] rmdir("./300/file0" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./301/binderfs", [pid 5076] <... rmdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(3, [pid 5077] unlink("./301/binderfs" [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5076] close(3 [pid 5077] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] rmdir("./300" [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5077] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./301/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./301/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] mkdir("./301", 0777 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... mkdir resumed>) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./301/file0") = 0 [pid 5076] <... openat resumed>) = 3 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./301") = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] mkdir("./302", 0777) = 0 [pid 6603] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6604 attached [pid 6602] <... write resumed>) = 2097152 [pid 6604] set_robust_list(0x555556d3f660, 24 [pid 6602] munmap(0x7f3feae00000, 138412032 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6604 [pid 6604] <... set_robust_list resumed>) = 0 [pid 6604] chdir("./300") = 0 [pid 6604] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6604] setpgid(0, 0) = 0 [pid 6604] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6604] write(3, "1000", 4) = 4 [pid 6604] close(3 [pid 6602] <... munmap resumed>) = 0 [pid 6604] <... close resumed>) = 0 [pid 6604] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... ioctl resumed>) = 0 [pid 6604] <... symlink resumed>) = 0 [pid 6602] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6603] <... write resumed>) = 2097152 [pid 6603] munmap(0x7f3feae00000, 138412032 [pid 6604] memfd_create("syzkaller", 0 [pid 6603] <... munmap resumed>) = 0 [pid 6602] <... openat resumed>) = 4 [pid 6604] <... memfd_create resumed>) = 3 [pid 6602] ioctl(4, LOOP_SET_FD, 3 [pid 5076] close(3 [pid 6603] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6602] <... ioctl resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 6603] <... openat resumed>) = 4 [pid 6604] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6604] <... mmap resumed>) = 0x7f3feae00000 ./strace-static-x86_64: Process 6605 attached [pid 6603] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... ioctl resumed>) = 0 [pid 6603] <... ioctl resumed>) = 0 [pid 6605] set_robust_list(0x555556d3f660, 24 [pid 5077] close(3 [pid 6605] <... set_robust_list resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6605 [pid 6605] chdir("./301" [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6605] <... chdir resumed>) = 0 [pid 6605] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6605] setpgid(0, 0) = 0 [pid 6605] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6606 [pid 6605] <... openat resumed>) = 3 [pid 6602] close(3 [pid 6605] write(3, "1000", 4 [pid 6602] <... close resumed>) = 0 [pid 6602] close(4) = 0 [pid 6605] <... write resumed>) = 4 [pid 6602] mkdir("./file0", 0777 [pid 6605] close(3) = 0 ./strace-static-x86_64: Process 6606 attached [pid 6602] <... mkdir resumed>) = 0 [pid 6606] set_robust_list(0x555556d3f660, 24 [ 295.150165][ T6602] loop4: detected capacity change from 0 to 4096 [ 295.170084][ T6603] loop2: detected capacity change from 0 to 4096 [pid 6602] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6606] <... set_robust_list resumed>) = 0 [pid 6605] symlink("/dev/binderfs", "./binderfs" [pid 6606] chdir("./302" [pid 6603] close(3) = 0 [pid 6603] close(4) = 0 [pid 6606] <... chdir resumed>) = 0 [pid 6603] mkdir("./file0", 0777 [pid 6606] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6605] <... symlink resumed>) = 0 [pid 6603] <... mkdir resumed>) = 0 [pid 6606] <... prctl resumed>) = 0 [pid 6605] memfd_create("syzkaller", 0 [pid 6606] setpgid(0, 0 [pid 6603] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6606] <... setpgid resumed>) = 0 [pid 6606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6605] <... memfd_create resumed>) = 3 [pid 6605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6606] <... openat resumed>) = 3 [pid 6606] write(3, "1000", 4) = 4 [pid 6606] close(3 [pid 6604] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6606] <... close resumed>) = 0 [pid 6606] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6606] memfd_create("syzkaller", 0) = 3 [pid 6606] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [ 295.199721][ T6602] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 295.223432][ T6603] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6602] <... mount resumed>) = 0 [pid 6602] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6602] chdir("./file0") = 0 [pid 6602] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6602] exit_group(0) = ? [pid 6602] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6602, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=7 /* 0.07 s */} --- [pid 5080] umount2("./298", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./298", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6605] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6603] <... mount resumed>) = 0 [pid 5080] getdents64(3, [pid 6604] <... write resumed>) = 2097152 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6604] munmap(0x7f3feae00000, 138412032 [pid 6603] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] umount2("./298/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6603] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6603] chdir("./file0" [pid 5080] newfstatat(AT_FDCWD, "./298/binderfs", [pid 6603] <... chdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6604] <... munmap resumed>) = 0 [pid 6603] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] unlink("./298/binderfs" [pid 6604] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6603] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... unlink resumed>) = 0 [pid 6604] <... openat resumed>) = 4 [pid 6603] exit_group(0 [pid 5080] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6604] ioctl(4, LOOP_SET_FD, 3 [pid 6603] <... exit_group resumed>) = ? [pid 5080] <... umount2 resumed>) = 0 [pid 6603] +++ exited with 0 +++ [pid 5080] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./298/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./298/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6603, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6606] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6604] <... ioctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6604] close(3 [pid 5080] openat(AT_FDCWD, "./298/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6604] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 4 [pid 6604] close(4 [pid 5080] newfstatat(4, "", [pid 6604] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 6604] mkdir("./file0", 0777 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./298/file0" [pid 6604] <... mkdir resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] umount2("./303", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6604] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] getdents64(3, [pid 5078] openat(AT_FDCWD, "./303", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5080] close(3) = 0 [pid 5080] rmdir("./298") = 0 [pid 5080] mkdir("./299", 0777 [pid 5078] newfstatat(3, "", [pid 6605] <... write resumed>) = 2097152 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6605] munmap(0x7f3feae00000, 138412032 [pid 5078] getdents64(3, [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6605] <... munmap resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./303/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6606] <... write resumed>) = 2097152 [pid 6605] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./303/binderfs", [pid 6606] munmap(0x7f3feae00000, 138412032 [pid 6605] <... openat resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./303/binderfs") = 0 [pid 5078] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [ 295.383731][ T6604] loop3: detected capacity change from 0 to 4096 [ 295.420278][ T6604] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6605] ioctl(4, LOOP_SET_FD, 3 [pid 6606] <... munmap resumed>) = 0 [pid 5078] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6606] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6606] <... openat resumed>) = 4 [pid 5078] newfstatat(AT_FDCWD, "./303/file0", [pid 6606] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./303/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6605] <... ioctl resumed>) = 0 [pid 5078] getdents64(4, [pid 6605] close(3 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./303/file0" [pid 6605] <... close resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 6605] close(4 [pid 5078] getdents64(3, [pid 6606] <... ioctl resumed>) = 0 [pid 6605] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6606] close(3 [pid 6605] mkdir("./file0", 0777 [pid 5078] close(3 [pid 6606] <... close resumed>) = 0 [pid 6605] <... mkdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 6605] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5078] rmdir("./303") = 0 [pid 6606] close(4 [ 295.464964][ T6605] loop0: detected capacity change from 0 to 4096 [ 295.477362][ T6606] loop1: detected capacity change from 0 to 4096 [pid 5078] mkdir("./304", 0777 [pid 6606] <... close resumed>) = 0 [pid 6604] <... mount resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 6606] mkdir("./file0", 0777 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6606] <... mkdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 6604] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] close(3 [pid 6604] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6606] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6607 ./strace-static-x86_64: Process 6607 attached [pid 6607] set_robust_list(0x555556d3f660, 24) = 0 [pid 6607] chdir("./299" [pid 6604] chdir("./file0" [pid 6607] <... chdir resumed>) = 0 [pid 6604] <... chdir resumed>) = 0 [pid 6607] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6604] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6607] <... prctl resumed>) = 0 [pid 6604] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6607] setpgid(0, 0) = 0 [pid 6604] exit_group(0 [pid 6607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6604] <... exit_group resumed>) = ? [pid 6607] <... openat resumed>) = 3 [pid 6607] write(3, "1000", 4) = 4 [pid 6607] close(3) = 0 [pid 6607] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6607] memfd_create("syzkaller", 0) = 3 [pid 6607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6604] +++ exited with 0 +++ [pid 6605] <... mount resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6604, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./300", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6605] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6605] chdir("./file0" [ 295.516366][ T6605] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 295.540777][ T6606] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5079] openat(AT_FDCWD, "./300", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6605] <... chdir resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5079] newfstatat(3, "", [pid 6605] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 6605] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./300/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6605] exit_group(0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... ioctl resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./300/binderfs", [pid 6605] <... exit_group resumed>) = ? [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./300/binderfs") = 0 [pid 5079] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6605] +++ exited with 0 +++ [pid 5079] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6605, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./300/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./301", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./300/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] close(3) = 0 [pid 5079] getdents64(4, [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./301", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] getdents64(4, [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] close(4) = 0 [pid 5076] getdents64(3, [pid 5079] rmdir("./300/file0") = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6608 [pid 5076] umount2("./301/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6608 attached [pid 5079] getdents64(3, [pid 5076] newfstatat(AT_FDCWD, "./301/binderfs", [pid 6608] set_robust_list(0x555556d3f660, 24 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6608] <... set_robust_list resumed>) = 0 [pid 5079] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6608] chdir("./304" [pid 5079] <... close resumed>) = 0 [pid 6608] <... chdir resumed>) = 0 [pid 5079] rmdir("./300" [pid 5076] unlink("./301/binderfs" [pid 6608] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... rmdir resumed>) = 0 [pid 6606] <... mount resumed>) = 0 [pid 5079] mkdir("./301", 0777 [pid 5076] <... unlink resumed>) = 0 [pid 6608] <... prctl resumed>) = 0 [pid 6606] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... mkdir resumed>) = 0 [pid 6608] setpgid(0, 0 [pid 6607] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6606] <... openat resumed>) = 3 [pid 5076] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6608] <... setpgid resumed>) = 0 [pid 6608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... umount2 resumed>) = 0 [pid 6608] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5076] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6608] write(3, "1000", 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6608] <... write resumed>) = 4 [pid 5076] newfstatat(AT_FDCWD, "./301/file0", [pid 6608] close(3) = 0 [pid 6606] chdir("./file0" [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6608] symlink("/dev/binderfs", "./binderfs" [pid 6606] <... chdir resumed>) = 0 [pid 5076] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6606] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6608] <... symlink resumed>) = 0 [pid 6606] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6606] exit_group(0 [pid 5076] openat(AT_FDCWD, "./301/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6606] <... exit_group resumed>) = ? [pid 6608] memfd_create("syzkaller", 0 [pid 6606] +++ exited with 0 +++ [pid 5076] <... openat resumed>) = 4 [pid 6608] <... memfd_create resumed>) = 3 [pid 5076] newfstatat(4, "", [pid 6608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6606, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6608] <... mmap resumed>) = 0x7f3feae00000 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./302", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] openat(AT_FDCWD, "./302", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] getdents64(4, [pid 5077] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] newfstatat(3, "", [pid 5076] close(4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5076] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] rmdir("./301/file0" [pid 5077] umount2("./302/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./302/binderfs", [pid 5076] getdents64(3, [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] unlink("./302/binderfs" [pid 5076] close(3 [pid 5077] <... unlink resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5077] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] rmdir("./301") = 0 [pid 5076] mkdir("./302", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./302/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./302/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 6607] <... write resumed>) = 2097152 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./302/file0" [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5079] close(3 [pid 5077] rmdir("./302" [pid 5079] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6607] munmap(0x7f3feae00000, 138412032 [pid 5077] mkdir("./303", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6609 [pid 5077] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6609 attached [pid 6609] set_robust_list(0x555556d3f660, 24) = 0 [pid 6609] chdir("./301") = 0 [pid 6609] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6609] setpgid(0, 0) = 0 [pid 6609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6609] write(3, "1000", 4) = 4 [pid 6609] close(3 [pid 6607] <... munmap resumed>) = 0 [pid 6609] <... close resumed>) = 0 [pid 6609] symlink("/dev/binderfs", "./binderfs" [pid 6608] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6609] <... symlink resumed>) = 0 [pid 6609] memfd_create("syzkaller", 0 [pid 6607] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6607] ioctl(4, LOOP_SET_FD, 3 [pid 6609] <... memfd_create resumed>) = 3 [pid 6609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] <... ioctl resumed>) = 0 [pid 6607] <... ioctl resumed>) = 0 [pid 5076] close(3) = 0 [pid 6607] close(3 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6607] <... close resumed>) = 0 [pid 6607] close(4) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6610 [pid 6607] mkdir("./file0", 0777./strace-static-x86_64: Process 6610 attached [pid 6610] set_robust_list(0x555556d3f660, 24) = 0 [pid 6610] chdir("./302" [pid 6607] <... mkdir resumed>) = 0 [ 295.827799][ T6607] loop4: detected capacity change from 0 to 4096 [pid 6607] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6610] <... chdir resumed>) = 0 [pid 6610] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6610] setpgid(0, 0) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 6610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6610] write(3, "1000", 4) = 4 [pid 6610] close(3) = 0 [pid 6610] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6610] memfd_create("syzkaller", 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6611 attached [pid 6610] <... memfd_create resumed>) = 3 [pid 6611] set_robust_list(0x555556d3f660, 24 [pid 6610] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6611] <... set_robust_list resumed>) = 0 [pid 6610] <... mmap resumed>) = 0x7f3feae00000 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6611 [pid 6611] chdir("./303") = 0 [pid 6611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6611] setpgid(0, 0) = 0 [pid 6611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 295.881595][ T6607] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6611] write(3, "1000", 4 [pid 6608] <... write resumed>) = 2097152 [pid 6611] <... write resumed>) = 4 [pid 6609] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6608] munmap(0x7f3feae00000, 138412032 [pid 6611] close(3) = 0 [pid 6611] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6608] <... munmap resumed>) = 0 [pid 6611] memfd_create("syzkaller", 0 [pid 6607] <... mount resumed>) = 0 [pid 6611] <... memfd_create resumed>) = 3 [pid 6608] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6607] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6608] <... openat resumed>) = 4 [pid 6607] <... openat resumed>) = 3 [pid 6608] ioctl(4, LOOP_SET_FD, 3 [pid 6607] chdir("./file0" [pid 6611] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6608] <... ioctl resumed>) = 0 [pid 6607] <... chdir resumed>) = 0 [pid 6607] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6607] exit_group(0) = ? [pid 6611] <... mmap resumed>) = 0x7f3feae00000 [pid 6607] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6607, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5080] umount2("./299", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./299", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6608] close(3) = 0 [pid 6608] close(4) = 0 [pid 6608] mkdir("./file0", 0777 [pid 5080] newfstatat(3, "", [pid 6608] <... mkdir resumed>) = 0 [pid 6610] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6608] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 295.981242][ T6608] loop2: detected capacity change from 0 to 4096 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./299/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./299/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./299/binderfs") = 0 [pid 5080] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6609] <... write resumed>) = 2097152 [pid 5080] <... umount2 resumed>) = 0 [pid 6609] munmap(0x7f3feae00000, 138412032 [pid 5080] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./299/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./299/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./299/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6609] <... munmap resumed>) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 6609] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6609] <... openat resumed>) = 4 [ 296.031075][ T6608] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6609] ioctl(4, LOOP_SET_FD, 3 [pid 5080] close(4 [pid 6611] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./299/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./299") = 0 [pid 5080] mkdir("./300", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6610] <... write resumed>) = 2097152 [pid 6609] <... ioctl resumed>) = 0 [pid 6608] <... mount resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6608] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6608] chdir("./file0") = 0 [pid 6610] munmap(0x7f3feae00000, 138412032 [pid 6609] close(3 [pid 6608] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6609] <... close resumed>) = 0 [pid 6609] close(4 [pid 6608] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6609] <... close resumed>) = 0 [pid 6608] exit_group(0) = ? [pid 6609] mkdir("./file0", 0777 [pid 6608] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6608, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] umount2("./304", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./304", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6609] <... mkdir resumed>) = 0 [pid 5078] newfstatat(3, "", [pid 6610] <... munmap resumed>) = 0 [pid 6609] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 296.097045][ T6609] loop3: detected capacity change from 0 to 4096 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./304/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./304/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./304/binderfs") = 0 [pid 5078] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6610] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] <... umount2 resumed>) = 0 [pid 6610] <... openat resumed>) = 4 [pid 6610] ioctl(4, LOOP_SET_FD, 3 [pid 5078] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6611] <... write resumed>) = 2097152 [pid 5078] newfstatat(AT_FDCWD, "./304/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./304/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./304/file0") = 0 [pid 6611] munmap(0x7f3feae00000, 138412032 [pid 6610] <... ioctl resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] getdents64(3, [pid 6610] close(3 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6610] <... close resumed>) = 0 [pid 5078] close(3 [pid 6610] close(4 [pid 5078] <... close resumed>) = 0 [pid 6611] <... munmap resumed>) = 0 [pid 6610] <... close resumed>) = 0 [ 296.157503][ T6609] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 296.190018][ T6610] loop0: detected capacity change from 0 to 4096 [pid 5078] rmdir("./304") = 0 [pid 5078] mkdir("./305", 0777 [pid 6610] mkdir("./file0", 0777 [pid 6609] <... mount resumed>) = 0 [pid 6611] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... mkdir resumed>) = 0 [pid 6611] <... openat resumed>) = 4 [pid 6610] <... mkdir resumed>) = 0 [pid 6609] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6611] ioctl(4, LOOP_SET_FD, 3 [pid 5080] close(3 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6610] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6609] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6609] chdir("./file0" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6612 [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6612 attached [pid 6612] set_robust_list(0x555556d3f660, 24) = 0 [pid 6612] chdir("./300") = 0 [pid 6612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6612] setpgid(0, 0) = 0 [pid 6612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6609] <... chdir resumed>) = 0 [pid 6609] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6612] <... openat resumed>) = 3 [pid 6612] write(3, "1000", 4) = 4 [pid 6612] close(3 [pid 6609] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6612] <... close resumed>) = 0 [pid 6611] <... ioctl resumed>) = 0 [pid 6612] symlink("/dev/binderfs", "./binderfs" [pid 6611] close(3 [pid 6609] exit_group(0 [pid 6612] <... symlink resumed>) = 0 [pid 6611] <... close resumed>) = 0 [pid 6609] <... exit_group resumed>) = ? [pid 6612] memfd_create("syzkaller", 0 [pid 6611] close(4) = 0 [pid 6611] mkdir("./file0", 0777 [pid 6609] +++ exited with 0 +++ [pid 6611] <... mkdir resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6609, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [ 296.250352][ T6611] loop1: detected capacity change from 0 to 4096 [ 296.264045][ T6610] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6612] <... memfd_create resumed>) = 3 [pid 6611] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5079] umount2("./301", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./301", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./301/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./301/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./301/binderfs") = 0 [pid 5079] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(3) = 0 [ 296.310485][ T6611] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5079] <... umount2 resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./301/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6613 [pid 5079] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./301/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6613 attached ) = 4 [pid 6613] set_robust_list(0x555556d3f660, 24 [pid 5079] newfstatat(4, "", [pid 6613] <... set_robust_list resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6613] chdir("./305" [pid 5079] getdents64(4, [pid 6613] <... chdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6613] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] getdents64(4, [pid 6613] <... prctl resumed>) = 0 [pid 6611] <... mount resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6613] setpgid(0, 0 [pid 5079] close(4 [pid 6613] <... setpgid resumed>) = 0 [pid 6611] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6610] <... mount resumed>) = 0 [pid 6613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6611] <... openat resumed>) = 3 [pid 6610] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6613] <... openat resumed>) = 3 [pid 6611] chdir("./file0" [pid 6610] chdir("./file0" [pid 5079] <... close resumed>) = 0 [pid 6610] <... chdir resumed>) = 0 [pid 5079] rmdir("./301/file0" [pid 6610] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... rmdir resumed>) = 0 [pid 6611] <... chdir resumed>) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6613] write(3, "1000", 4 [pid 5079] close(3 [pid 6613] <... write resumed>) = 4 [pid 5079] <... close resumed>) = 0 [pid 6613] close(3 [pid 5079] rmdir("./301" [pid 6613] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 6613] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6611] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6610] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] mkdir("./302", 0777 [pid 6611] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6610] exit_group(0 [pid 5079] <... mkdir resumed>) = 0 [pid 6610] <... exit_group resumed>) = ? [pid 6611] exit_group(0 [pid 6610] +++ exited with 0 +++ [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6613] memfd_create("syzkaller", 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6610, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] umount2("./302", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6613] <... memfd_create resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] openat(AT_FDCWD, "./302", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6611] <... exit_group resumed>) = ? [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 6612] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6611] +++ exited with 0 +++ [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6611, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5076] umount2("./302/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./303", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./303", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(AT_FDCWD, "./302/binderfs", [pid 5077] newfstatat(3, "", [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] unlink("./302/binderfs" [pid 5077] getdents64(3, [pid 5076] <... unlink resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./303/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./303/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5077] unlink("./303/binderfs") = 0 [pid 5077] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... ioctl resumed>) = 0 [pid 5076] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./302/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./302/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./302/file0") = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5079] close(3 [pid 5076] rmdir("./302" [pid 5079] <... close resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] mkdir("./303", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6614 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./303/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6614 attached [pid 5077] openat(AT_FDCWD, "./303/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6614] set_robust_list(0x555556d3f660, 24 [pid 5077] newfstatat(4, "", [pid 6614] <... set_robust_list resumed>) = 0 [pid 6614] chdir("./302" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6614] <... chdir resumed>) = 0 [pid 5077] getdents64(4, [pid 6614] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6614] <... prctl resumed>) = 0 [pid 5077] getdents64(4, [pid 6614] setpgid(0, 0 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6614] <... setpgid resumed>) = 0 [pid 5077] close(4 [pid 6614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6612] <... write resumed>) = 2097152 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./303/file0" [pid 6614] <... openat resumed>) = 3 [pid 5077] <... rmdir resumed>) = 0 [pid 6614] write(3, "1000", 4) = 4 [pid 5077] getdents64(3, [pid 6614] close(3) = 0 [pid 6614] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 6614] memfd_create("syzkaller", 0 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./303" [pid 6613] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... rmdir resumed>) = 0 [pid 6612] munmap(0x7f3feae00000, 138412032 [pid 5077] mkdir("./304", 0777 [pid 6614] <... memfd_create resumed>) = 3 [pid 6614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6612] <... munmap resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6612] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... openat resumed>) = 3 [pid 6612] <... openat resumed>) = 4 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6612] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... ioctl resumed>) = 0 [pid 6612] <... ioctl resumed>) = 0 [pid 5076] close(3 [pid 6612] close(3) = 0 [pid 5076] <... close resumed>) = 0 [pid 6612] close(4 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6612] <... close resumed>) = 0 [pid 6612] mkdir("./file0", 0777) = 0 [pid 6612] mount("/dev/loop4", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 6615 attached [ 296.602116][ T6612] loop4: detected capacity change from 0 to 4096 [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6615 [pid 6615] set_robust_list(0x555556d3f660, 24 [pid 6613] <... write resumed>) = 2097152 [pid 6615] <... set_robust_list resumed>) = 0 [pid 6613] munmap(0x7f3feae00000, 138412032) = 0 [pid 6615] chdir("./303") = 0 [pid 6615] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6615] setpgid(0, 0) = 0 [pid 6615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6615] write(3, "1000", 4) = 4 [pid 5077] <... ioctl resumed>) = 0 [pid 6615] close(3) = 0 [pid 6613] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6615] symlink("/dev/binderfs", "./binderfs" [pid 6614] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6613] <... openat resumed>) = 4 [pid 6615] <... symlink resumed>) = 0 [pid 6615] memfd_create("syzkaller", 0 [pid 6613] ioctl(4, LOOP_SET_FD, 3 [pid 5077] close(3) = 0 [pid 6615] <... memfd_create resumed>) = 3 [pid 6615] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6613] <... ioctl resumed>) = 0 [pid 6613] close(3) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6616 [pid 6613] close(4) = 0 [pid 6613] mkdir("./file0", 0777) = 0 ./strace-static-x86_64: Process 6616 attached [pid 6613] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6616] set_robust_list(0x555556d3f660, 24) = 0 [ 296.661047][ T6612] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 296.694792][ T6613] loop2: detected capacity change from 0 to 4096 [pid 6616] chdir("./304") = 0 [pid 6616] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6612] <... mount resumed>) = 0 [pid 6612] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6616] <... prctl resumed>) = 0 [pid 6616] setpgid(0, 0) = 0 [pid 6612] <... openat resumed>) = 3 [pid 6616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6616] write(3, "1000", 4) = 4 [pid 6612] chdir("./file0" [pid 6616] close(3 [pid 6612] <... chdir resumed>) = 0 [pid 6616] <... close resumed>) = 0 [pid 6612] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6616] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6612] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6612] exit_group(0) = ? [pid 6616] memfd_create("syzkaller", 0 [pid 6614] <... write resumed>) = 2097152 [pid 6616] <... memfd_create resumed>) = 3 [pid 6614] munmap(0x7f3feae00000, 138412032) = 0 [pid 6612] +++ exited with 0 +++ [pid 6616] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6612, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5080] umount2("./300", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./300", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6615] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... openat resumed>) = 3 [ 296.759235][ T6613] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./300/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6614] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6614] <... openat resumed>) = 4 [pid 5080] newfstatat(AT_FDCWD, "./300/binderfs", [pid 6614] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./300/binderfs") = 0 [pid 5080] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5080] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./300/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./300/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./300/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6614] <... ioctl resumed>) = 0 [pid 5080] <... openat resumed>) = 4 [pid 6614] close(3 [pid 5080] newfstatat(4, "", [pid 6614] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6614] close(4 [pid 5080] getdents64(4, [pid 6614] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6614] mkdir("./file0", 0777 [pid 5080] getdents64(4, [pid 6614] <... mkdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 6614] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] rmdir("./300/file0") = 0 [ 296.826106][ T6614] loop3: detected capacity change from 0 to 4096 [pid 5080] getdents64(3, [pid 6616] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./300") = 0 [pid 5080] mkdir("./301", 0777 [pid 6613] <... mount resumed>) = 0 [pid 6613] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] <... mkdir resumed>) = 0 [pid 6613] chdir("./file0") = 0 [pid 6613] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6613] exit_group(0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6613] <... exit_group resumed>) = ? [pid 5080] <... openat resumed>) = 3 [pid 6613] +++ exited with 0 +++ [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6613, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=11 /* 0.11 s */} --- [pid 5078] umount2("./305", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./305", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6615] <... write resumed>) = 2097152 [pid 5078] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./305/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./305/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./305/binderfs") = 0 [ 296.868234][ T6614] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6615] munmap(0x7f3feae00000, 138412032 [pid 5078] umount2("./305/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6615] <... munmap resumed>) = 0 [pid 5078] umount2("./305/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./305/file0", [pid 6615] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6615] <... openat resumed>) = 4 [pid 5078] umount2("./305/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6615] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./305/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6615] <... ioctl resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 6615] close(3) = 0 [pid 6615] close(4 [pid 6616] <... write resumed>) = 2097152 [pid 6615] <... close resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 6616] munmap(0x7f3feae00000, 138412032 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6615] mkdir("./file0", 0777 [pid 5078] getdents64(4, [pid 6614] <... mount resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6615] <... mkdir resumed>) = 0 [pid 6614] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] getdents64(4, [pid 6615] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6614] <... openat resumed>) = 3 [ 296.948315][ T6615] loop0: detected capacity change from 0 to 4096 [pid 5078] close(4 [pid 6614] chdir("./file0" [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./305/file0") = 0 [pid 6616] <... munmap resumed>) = 0 [pid 6614] <... chdir resumed>) = 0 [pid 6614] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6614] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6614] exit_group(0 [pid 5078] close(3) = 0 [pid 6614] <... exit_group resumed>) = ? [pid 6614] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6614, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5079] umount2("./302", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./302", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] rmdir("./305") = 0 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] mkdir("./306", 0777 [pid 5079] getdents64(3, [pid 5078] <... mkdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] umount2("./302/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] <... ioctl resumed>) = 0 [pid 6616] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5079] newfstatat(AT_FDCWD, "./302/binderfs", [pid 6616] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./302/binderfs") = 0 [pid 5079] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] close(3 [pid 6616] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 6616] close(3 [pid 5080] <... close resumed>) = 0 [pid 5079] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6616] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6616] close(4) = 0 [ 296.991027][ T6615] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 297.007995][ T6616] loop1: detected capacity change from 0 to 4096 [pid 6616] mkdir("./file0", 0777) = 0 ./strace-static-x86_64: Process 6617 attached [pid 6616] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6617 [pid 5079] newfstatat(AT_FDCWD, "./302/file0", [pid 6617] set_robust_list(0x555556d3f660, 24 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6617] <... set_robust_list resumed>) = 0 [pid 6617] chdir("./301" [pid 5079] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./302/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", [pid 6617] <... chdir resumed>) = 0 [pid 6617] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 6617] <... prctl resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6617] setpgid(0, 0 [pid 5079] getdents64(4, [pid 6617] <... setpgid resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 6617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... close resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5079] rmdir("./302/file0") = 0 [pid 5079] getdents64(3, [pid 6617] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./302") = 0 [pid 6617] write(3, "1000", 4) = 4 [pid 5078] close(3 [pid 6617] close(3 [pid 5078] <... close resumed>) = 0 [pid 6617] <... close resumed>) = 0 [pid 6617] symlink("/dev/binderfs", "./binderfs" [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] mkdir("./303", 0777 [pid 6617] <... symlink resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6618 attached [pid 6617] memfd_create("syzkaller", 0 [pid 6618] set_robust_list(0x555556d3f660, 24 [pid 6617] <... memfd_create resumed>) = 3 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6618 [ 297.057068][ T6616] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6618] <... set_robust_list resumed>) = 0 [pid 6617] <... mmap resumed>) = 0x7f3feae00000 [pid 6615] <... mount resumed>) = 0 [pid 6618] chdir("./306" [pid 6615] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6618] <... chdir resumed>) = 0 [pid 6618] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6618] setpgid(0, 0 [pid 6615] chdir("./file0") = 0 [pid 6615] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6618] <... setpgid resumed>) = 0 [pid 6615] exit_group(0 [pid 6618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6615] <... exit_group resumed>) = ? [pid 6618] <... openat resumed>) = 3 [pid 6616] <... mount resumed>) = 0 [pid 6615] +++ exited with 0 +++ [pid 6618] write(3, "1000", 4) = 4 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6615, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 6618] close(3) = 0 [pid 6618] symlink("/dev/binderfs", "./binderfs" [pid 6616] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6618] <... symlink resumed>) = 0 [pid 6616] <... openat resumed>) = 3 [pid 6618] memfd_create("syzkaller", 0 [pid 6616] chdir("./file0") = 0 [pid 5076] umount2("./303", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6616] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6618] <... memfd_create resumed>) = 3 [pid 6616] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] openat(AT_FDCWD, "./303", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6618] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5076] <... openat resumed>) = 3 [pid 6616] exit_group(0 [pid 5076] newfstatat(3, "", [pid 6616] <... exit_group resumed>) = ? [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6616] +++ exited with 0 +++ [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6616, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5077] umount2("./304", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./303/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./304", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./303/binderfs", [pid 5077] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] newfstatat(3, "", [pid 5076] unlink("./303/binderfs" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5076] <... unlink resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./304/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./304/binderfs", [pid 6617] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5077] unlink("./304/binderfs") = 0 [pid 5076] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./303/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] close(3 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 6618] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./303/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 ./strace-static-x86_64: Process 6619 attached [pid 5077] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] newfstatat(4, "", [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6619 [pid 6619] set_robust_list(0x555556d3f660, 24) = 0 [pid 6619] chdir("./303" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] newfstatat(AT_FDCWD, "./304/file0", [pid 5076] getdents64(4, [pid 6619] <... chdir resumed>) = 0 [pid 6619] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6619] <... prctl resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6619] setpgid(0, 0 [pid 5076] getdents64(4, [pid 5077] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(4 [pid 5077] openat(AT_FDCWD, "./304/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5076] rmdir("./303/file0" [pid 5077] newfstatat(4, "", [pid 6619] <... setpgid resumed>) = 0 [pid 6619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5077] getdents64(4, [pid 5076] getdents64(3, [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6619] <... openat resumed>) = 3 [pid 6618] <... write resumed>) = 2097152 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6619] write(3, "1000", 4 [pid 5077] close(4 [pid 5076] close(3 [pid 6619] <... write resumed>) = 4 [pid 6618] munmap(0x7f3feae00000, 138412032 [pid 6619] close(3 [pid 5077] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5077] rmdir("./304/file0" [pid 5076] rmdir("./303" [pid 6619] <... close resumed>) = 0 [pid 6619] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... rmdir resumed>) = 0 [pid 6619] <... symlink resumed>) = 0 [pid 5076] mkdir("./304", 0777 [pid 6619] memfd_create("syzkaller", 0 [pid 6618] <... munmap resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5077] getdents64(3, [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6618] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6619] <... memfd_create resumed>) = 3 [pid 6618] <... openat resumed>) = 4 [pid 6617] <... write resumed>) = 2097152 [pid 5077] close(3 [pid 5076] <... openat resumed>) = 3 [pid 6619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6618] ioctl(4, LOOP_SET_FD, 3 [pid 6617] munmap(0x7f3feae00000, 138412032 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] <... close resumed>) = 0 [pid 6619] <... mmap resumed>) = 0x7f3feae00000 [pid 6618] <... ioctl resumed>) = 0 [pid 6617] <... munmap resumed>) = 0 [pid 6618] close(3 [pid 5077] rmdir("./304") = 0 [pid 5077] mkdir("./305", 0777 [pid 6618] <... close resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6618] close(4 [pid 5077] <... openat resumed>) = 3 [pid 6618] <... close resumed>) = 0 [pid 6617] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6618] mkdir("./file0", 0777 [pid 6617] ioctl(4, LOOP_SET_FD, 3 [pid 6618] <... mkdir resumed>) = 0 [pid 6618] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6617] <... ioctl resumed>) = 0 [ 297.293222][ T6618] loop2: detected capacity change from 0 to 4096 [ 297.320803][ T6617] loop4: detected capacity change from 0 to 4096 [pid 6617] close(3) = 0 [pid 6617] close(4) = 0 [pid 6617] mkdir("./file0", 0777) = 0 [pid 6619] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 297.338778][ T6618] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 297.362420][ T6617] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 6617] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5077] <... ioctl resumed>) = 0 [pid 6619] <... write resumed>) = 2097152 [pid 5077] close(3 [pid 6619] munmap(0x7f3feae00000, 138412032 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6618] <... mount resumed>) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6620 [pid 6619] <... munmap resumed>) = 0 [pid 6618] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6618] chdir("./file0"./strace-static-x86_64: Process 6620 attached [pid 6620] set_robust_list(0x555556d3f660, 24) = 0 [pid 6620] chdir("./305" [pid 6619] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6620] <... chdir resumed>) = 0 [pid 6618] <... chdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 6620] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6619] <... openat resumed>) = 4 [pid 6618] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6620] <... prctl resumed>) = 0 [pid 6620] setpgid(0, 0 [pid 6619] ioctl(4, LOOP_SET_FD, 3 [pid 6618] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6620] <... setpgid resumed>) = 0 [pid 6618] exit_group(0 [pid 6620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6620] write(3, "1000", 4 [pid 5076] close(3 [pid 6620] <... write resumed>) = 4 [pid 5076] <... close resumed>) = 0 [pid 6620] close(3 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6620] <... close resumed>) = 0 [pid 6618] <... exit_group resumed>) = ? [pid 6617] <... mount resumed>) = 0 [pid 6620] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6617] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6621 [pid 6617] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6621 attached [pid 6619] <... ioctl resumed>) = 0 [pid 6618] +++ exited with 0 +++ [pid 6617] chdir("./file0" [pid 6621] set_robust_list(0x555556d3f660, 24 [pid 6620] memfd_create("syzkaller", 0 [pid 6619] close(3 [pid 6617] <... chdir resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6618, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6621] <... set_robust_list resumed>) = 0 [pid 6617] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6619] <... close resumed>) = 0 [pid 6621] chdir("./304" [pid 6619] close(4 [pid 6617] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6621] <... chdir resumed>) = 0 [pid 6620] <... memfd_create resumed>) = 3 [pid 6619] <... close resumed>) = 0 [pid 6617] exit_group(0 [pid 5078] umount2("./306", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6619] mkdir("./file0", 0777 [pid 6617] <... exit_group resumed>) = ? [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./306", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6621] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6620] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... openat resumed>) = 3 [pid 6621] <... prctl resumed>) = 0 [pid 6620] <... mmap resumed>) = 0x7f3feae00000 [pid 5078] newfstatat(3, "", [pid 6621] setpgid(0, 0 [pid 6617] +++ exited with 0 +++ [pid 6621] <... setpgid resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6617, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./301", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] umount2("./306/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./301", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] newfstatat(AT_FDCWD, "./306/binderfs", [pid 6621] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6619] <... mkdir resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6619] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] newfstatat(3, "", [pid 5078] unlink("./306/binderfs" [pid 6621] <... openat resumed>) = 3 [pid 5078] <... unlink resumed>) = 0 [ 297.462907][ T6619] loop3: detected capacity change from 0 to 4096 [pid 5078] umount2("./306/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6621] write(3, "1000", 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6621] <... write resumed>) = 4 [pid 6621] close(3) = 0 [pid 6621] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6621] memfd_create("syzkaller", 0 [pid 5078] <... umount2 resumed>) = 0 [pid 6621] <... memfd_create resumed>) = 3 [pid 6621] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] umount2("./306/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] getdents64(3, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] newfstatat(AT_FDCWD, "./306/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./306/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] umount2("./301/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./301/binderfs", [pid 5078] openat(AT_FDCWD, "./306/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5080] unlink("./301/binderfs" [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] close(4) = 0 [pid 5078] rmdir("./306/file0") = 0 [pid 5078] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./306") = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5078] mkdir("./307", 0777) = 0 [ 297.529583][ T6619] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6620] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./301/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./301/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./301/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./301/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./301") = 0 [pid 5080] mkdir("./302", 0777) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 6621] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6622 attached [pid 6619] <... mount resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6622 [pid 6622] set_robust_list(0x555556d3f660, 24 [pid 6620] <... write resumed>) = 2097152 [pid 6619] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6622] <... set_robust_list resumed>) = 0 [pid 6619] <... openat resumed>) = 3 [pid 6622] chdir("./307" [pid 6621] <... write resumed>) = 2097152 [pid 6622] <... chdir resumed>) = 0 [pid 6619] chdir("./file0" [pid 6622] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6620] munmap(0x7f3feae00000, 138412032 [pid 6619] <... chdir resumed>) = 0 [pid 6622] <... prctl resumed>) = 0 [pid 6619] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6622] setpgid(0, 0 [pid 6619] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6622] <... setpgid resumed>) = 0 [pid 6619] exit_group(0 [pid 6622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6620] <... munmap resumed>) = 0 [pid 6619] <... exit_group resumed>) = ? [pid 6622] <... openat resumed>) = 3 [pid 6619] +++ exited with 0 +++ [pid 6622] write(3, "1000", 4 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6619, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 6622] <... write resumed>) = 4 [pid 6621] munmap(0x7f3feae00000, 138412032 [pid 6622] close(3 [pid 6621] <... munmap resumed>) = 0 [pid 6620] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... ioctl resumed>) = 0 [pid 6622] <... close resumed>) = 0 [pid 6622] symlink("/dev/binderfs", "./binderfs" [pid 6620] <... openat resumed>) = 4 [pid 5079] umount2("./303", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5080] close(3 [pid 6620] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6622] <... symlink resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./303", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... openat resumed>) = 3 [pid 6621] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] newfstatat(3, "", [pid 6621] <... openat resumed>) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6621] ioctl(4, LOOP_SET_FD, 3 [pid 5079] getdents64(3, [pid 6622] memfd_create("syzkaller", 0 [pid 6620] <... ioctl resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6623 attached [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6623 [pid 6623] set_robust_list(0x555556d3f660, 24) = 0 [pid 6623] chdir("./302" [pid 6620] close(3) = 0 [pid 5079] umount2("./303/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6622] <... memfd_create resumed>) = 3 [pid 6620] close(4 [pid 6622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6620] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./303/binderfs", [pid 6620] mkdir("./file0", 0777 [pid 6622] <... mmap resumed>) = 0x7f3feae00000 [pid 6620] <... mkdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6623] <... chdir resumed>) = 0 [pid 6623] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] unlink("./303/binderfs" [pid 6623] <... prctl resumed>) = 0 [pid 6623] setpgid(0, 0) = 0 [pid 6623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6621] <... ioctl resumed>) = 0 [pid 6623] write(3, "1000", 4 [pid 6621] close(3 [pid 6623] <... write resumed>) = 4 [pid 6621] <... close resumed>) = 0 [pid 6623] close(3 [pid 6621] close(4 [pid 6623] <... close resumed>) = 0 [pid 6621] <... close resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 6623] symlink("/dev/binderfs", "./binderfs" [pid 6621] mkdir("./file0", 0777 [pid 6623] <... symlink resumed>) = 0 [pid 6621] <... mkdir resumed>) = 0 [ 297.731925][ T6620] loop1: detected capacity change from 0 to 4096 [ 297.743370][ T6621] loop0: detected capacity change from 0 to 4096 [pid 5079] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6620] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6623] memfd_create("syzkaller", 0 [pid 6621] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6623] <... memfd_create resumed>) = 3 [pid 6623] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./303/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./303/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [ 297.785790][ T6620] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 297.786797][ T6621] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./303/file0") = 0 [pid 5079] getdents64(3, [pid 6622] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 6621] <... mount resumed>) = 0 [pid 5079] rmdir("./303" [pid 6621] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] <... rmdir resumed>) = 0 [pid 6621] chdir("./file0") = 0 [pid 6621] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] mkdir("./304", 0777 [pid 6621] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6621] exit_group(0) = ? [pid 5079] <... mkdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6620] <... mount resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6621] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6621, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./304", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./304", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 6620] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6620] <... openat resumed>) = 3 [pid 5076] umount2("./304/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6620] chdir("./file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./304/binderfs", [pid 6620] <... chdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./304/binderfs" [pid 6620] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... unlink resumed>) = 0 [pid 6620] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6620] exit_group(0) = ? [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6622] <... write resumed>) = 2097152 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./304/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6623] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6622] munmap(0x7f3feae00000, 138412032 [pid 6620] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6620, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5077] umount2("./305", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./304/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 4 [pid 5077] openat(AT_FDCWD, "./305", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(4, "", [pid 5077] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5077] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] umount2("./305/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] newfstatat(AT_FDCWD, "./305/binderfs", [pid 5076] close(4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... close resumed>) = 0 [pid 5077] unlink("./305/binderfs" [pid 6622] <... munmap resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5076] rmdir("./304/file0" [pid 5077] umount2("./305/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6622] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] close(3 [pid 6622] <... openat resumed>) = 4 [pid 5076] <... close resumed>) = 0 [pid 6622] ioctl(4, LOOP_SET_FD, 3 [pid 5076] rmdir("./304") = 0 [pid 5076] mkdir("./305", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6623] <... write resumed>) = 2097152 [pid 6622] <... ioctl resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6622] close(3 [pid 5079] close(3 [pid 6622] <... close resumed>) = 0 [pid 5077] umount2("./305/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./305/file0", [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./305/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./305/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./305/file0") = 0 [pid 6622] close(4) = 0 [pid 5077] getdents64(3, [pid 6622] mkdir("./file0", 0777 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 6622] <... mkdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 6622] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 297.984180][ T6622] loop2: detected capacity change from 0 to 4096 [pid 5077] rmdir("./305" [pid 6623] munmap(0x7f3feae00000, 138412032 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./306", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 6623] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6624 attached [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6624 [pid 6623] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6624] set_robust_list(0x555556d3f660, 24 [pid 6623] <... openat resumed>) = 4 [pid 6624] <... set_robust_list resumed>) = 0 [pid 6624] chdir("./304" [pid 6623] ioctl(4, LOOP_SET_FD, 3 [pid 6624] <... chdir resumed>) = 0 [pid 6624] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... ioctl resumed>) = 0 [pid 6624] <... prctl resumed>) = 0 [pid 6622] <... mount resumed>) = 0 [ 298.026490][ T6622] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6622] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6624] setpgid(0, 0) = 0 [pid 6624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5076] close(3 [pid 6622] chdir("./file0" [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6624] write(3, "1000", 4 [pid 6622] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6625 attached [pid 6624] <... write resumed>) = 4 [pid 6622] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6625 [pid 6625] set_robust_list(0x555556d3f660, 24 [pid 6624] close(3 [pid 6622] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6622] exit_group(0) = ? [pid 5077] <... ioctl resumed>) = 0 [pid 6625] <... set_robust_list resumed>) = 0 [pid 6624] <... close resumed>) = 0 [pid 6623] <... ioctl resumed>) = 0 [pid 6622] +++ exited with 0 +++ [pid 6625] chdir("./305" [pid 6624] symlink("/dev/binderfs", "./binderfs" [pid 6623] close(3 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6622, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5077] close(3 [pid 6625] <... chdir resumed>) = 0 [pid 6624] <... symlink resumed>) = 0 [pid 6623] <... close resumed>) = 0 [pid 6625] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6623] close(4 [pid 5077] <... close resumed>) = 0 [pid 6625] <... prctl resumed>) = 0 [pid 6623] <... close resumed>) = 0 [pid 5078] umount2("./307", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6625] setpgid(0, 0 [pid 6624] memfd_create("syzkaller", 0 [pid 6623] mkdir("./file0", 0777 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6625] <... setpgid resumed>) = 0 [ 298.078262][ T6623] loop4: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 6626 attached [pid 6625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6624] <... memfd_create resumed>) = 3 [pid 6623] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./307", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6626 [pid 6626] set_robust_list(0x555556d3f660, 24 [pid 6625] <... openat resumed>) = 3 [pid 6624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6623] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] <... openat resumed>) = 3 [pid 6625] write(3, "1000", 4 [pid 6624] <... mmap resumed>) = 0x7f3feae00000 [pid 6625] <... write resumed>) = 4 [pid 6625] close(3) = 0 [pid 6625] symlink("/dev/binderfs", "./binderfs" [pid 6626] <... set_robust_list resumed>) = 0 [pid 6625] <... symlink resumed>) = 0 [pid 5078] newfstatat(3, "", [pid 6625] memfd_create("syzkaller", 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6626] chdir("./306" [pid 5078] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 6625] <... memfd_create resumed>) = 3 [pid 6625] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6626] <... chdir resumed>) = 0 [pid 5078] umount2("./307/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6626] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6626] <... prctl resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./307/binderfs", [pid 6626] setpgid(0, 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6626] <... setpgid resumed>) = 0 [pid 5078] unlink("./307/binderfs") = 0 [pid 6626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] umount2("./307/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6626] <... openat resumed>) = 3 [pid 6626] write(3, "1000", 4) = 4 [pid 5078] <... umount2 resumed>) = 0 [pid 6626] close(3 [pid 5078] umount2("./307/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6626] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6626] symlink("/dev/binderfs", "./binderfs" [pid 5078] newfstatat(AT_FDCWD, "./307/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./307/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./307/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./307/file0") = 0 [ 298.144295][ T6623] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5078] getdents64(3, [pid 6626] <... symlink resumed>) = 0 [pid 6624] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6623] <... mount resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 6623] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5078] <... close resumed>) = 0 [pid 6626] memfd_create("syzkaller", 0 [pid 6623] <... openat resumed>) = 3 [pid 5078] rmdir("./307" [pid 6626] <... memfd_create resumed>) = 3 [pid 6623] chdir("./file0" [pid 5078] <... rmdir resumed>) = 0 [pid 6626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6623] <... chdir resumed>) = 0 [pid 6626] <... mmap resumed>) = 0x7f3feae00000 [pid 6623] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] mkdir("./308", 0777 [pid 6623] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... mkdir resumed>) = 0 [pid 6623] exit_group(0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6623] <... exit_group resumed>) = ? [pid 5078] <... openat resumed>) = 3 [pid 6623] +++ exited with 0 +++ [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6623, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5078] <... ioctl resumed>) = 0 [pid 5080] <... restart_syscall resumed>) = 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] umount2("./302", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./302", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6625] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./302/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./302/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./302/binderfs") = 0 [pid 5080] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6627 attached [pid 5080] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6627 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6627] set_robust_list(0x555556d3f660, 24 [pid 5080] newfstatat(AT_FDCWD, "./302/file0", [pid 6627] <... set_robust_list resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6627] chdir("./308" [pid 5080] umount2("./302/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] <... chdir resumed>) = 0 [pid 6626] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6627] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6627] setpgid(0, 0) = 0 [pid 6627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./302/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./302/file0") = 0 [pid 5080] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./302" [pid 6627] <... openat resumed>) = 3 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] mkdir("./303", 0777 [pid 6627] write(3, "1000", 4 [pid 5080] <... mkdir resumed>) = 0 [pid 6627] <... write resumed>) = 4 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6627] close(3 [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6627] <... close resumed>) = 0 [pid 6627] symlink("/dev/binderfs", "./binderfs" [pid 6624] <... write resumed>) = 2097152 [pid 6627] <... symlink resumed>) = 0 [pid 6624] munmap(0x7f3feae00000, 138412032 [pid 6627] memfd_create("syzkaller", 0) = 3 [pid 6625] <... write resumed>) = 2097152 [pid 6624] <... munmap resumed>) = 0 [pid 6627] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6624] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6627] <... mmap resumed>) = 0x7f3feae00000 [pid 6624] <... openat resumed>) = 4 [pid 6624] ioctl(4, LOOP_SET_FD, 3 [pid 6626] <... write resumed>) = 2097152 [pid 6625] munmap(0x7f3feae00000, 138412032 [pid 6624] <... ioctl resumed>) = 0 [pid 6624] close(3 [pid 6626] munmap(0x7f3feae00000, 138412032 [pid 6625] <... munmap resumed>) = 0 [pid 6624] <... close resumed>) = 0 [pid 6624] close(4) = 0 [pid 6625] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6624] mkdir("./file0", 0777 [ 298.382283][ T6624] loop3: detected capacity change from 0 to 4096 [pid 6625] ioctl(4, LOOP_SET_FD, 3 [pid 6624] <... mkdir resumed>) = 0 [pid 6624] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6626] <... munmap resumed>) = 0 [pid 6625] <... ioctl resumed>) = 0 [pid 6625] close(3 [ 298.441350][ T6625] loop0: detected capacity change from 0 to 4096 [ 298.444996][ T6624] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6626] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6625] <... close resumed>) = 0 [pid 6625] close(4 [pid 6626] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6625] <... close resumed>) = 0 [pid 6625] mkdir("./file0", 0777) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555556d3f650) = 6628 [pid 6625] mount("/dev/loop0", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 6628 attached [pid 6628] set_robust_list(0x555556d3f660, 24) = 0 [pid 6628] chdir("./303") = 0 [pid 6628] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6628] setpgid(0, 0) = 0 [pid 6628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6626] <... ioctl resumed>) = 0 [pid 6628] write(3, "1000", 4 [pid 6626] close(3 [pid 6628] <... write resumed>) = 4 [pid 6626] <... close resumed>) = 0 [pid 6628] close(3 [pid 6626] close(4 [pid 6628] <... close resumed>) = 0 [pid 6626] <... close resumed>) = 0 [pid 6628] symlink("/dev/binderfs", "./binderfs" [pid 6627] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6626] mkdir("./file0", 0777 [pid 6628] <... symlink resumed>) = 0 [pid 6626] <... mkdir resumed>) = 0 [ 298.489080][ T6626] loop1: detected capacity change from 0 to 4096 [ 298.509677][ T6625] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6628] memfd_create("syzkaller", 0 [pid 6626] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6628] <... memfd_create resumed>) = 3 [pid 6628] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6624] <... mount resumed>) = 0 [pid 6624] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6627] <... write resumed>) = 2097152 [pid 6624] chdir("./file0" [pid 6627] munmap(0x7f3feae00000, 138412032 [pid 6624] <... chdir resumed>) = 0 [pid 6624] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [ 298.584458][ T6626] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6624] exit_group(0) = ? [pid 6627] <... munmap resumed>) = 0 [pid 6624] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6624, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6627] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5079] umount2("./304", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./304", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./304/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./304/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./304/binderfs") = 0 [pid 6627] <... ioctl resumed>) = 0 [pid 6627] close(3) = 0 [pid 6627] close(4) = 0 [pid 6627] mkdir("./file0", 0777 [pid 5079] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] <... mkdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6627] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5079] newfstatat(AT_FDCWD, "./304/file0", [pid 6625] <... mount resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./304/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./304/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./304/file0") = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./304") = 0 [pid 5079] mkdir("./305", 0777 [pid 6628] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6625] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] <... mkdir resumed>) = 0 [pid 6625] chdir("./file0") = 0 [ 298.660836][ T6627] loop2: detected capacity change from 0 to 4096 [ 298.700387][ T6627] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6625] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... openat resumed>) = 3 [pid 6625] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6625] exit_group(0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 6625] <... exit_group resumed>) = ? [pid 6627] <... mount resumed>) = 0 [pid 6626] <... mount resumed>) = 0 [pid 6627] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6625] +++ exited with 0 +++ [pid 6627] <... openat resumed>) = 3 [pid 6626] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6627] chdir("./file0" [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6625, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5076] umount2("./305", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6627] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6627] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] openat(AT_FDCWD, "./305", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6627] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6626] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 3 [pid 6626] chdir("./file0" [pid 5076] newfstatat(3, "", [pid 6627] exit_group(0) = ? [pid 6626] <... chdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6626] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6626] exit_group(0) = ? [pid 6627] +++ exited with 0 +++ [pid 6626] +++ exited with 0 +++ [pid 5076] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6627, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=9 /* 0.09 s */} --- [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6626, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5076] umount2("./305/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6628] <... write resumed>) = 2097152 [pid 5076] newfstatat(AT_FDCWD, "./305/binderfs", [pid 5078] umount2("./308", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] unlink("./305/binderfs" [pid 5078] openat(AT_FDCWD, "./308", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] umount2("./306", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] <... unlink resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./305/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] newfstatat(3, "", [pid 5077] openat(AT_FDCWD, "./306", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5078] getdents64(3, [pid 5077] newfstatat(3, "", [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] umount2("./308/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5078] newfstatat(AT_FDCWD, "./308/binderfs", [pid 5077] umount2("./306/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] unlink("./308/binderfs" [pid 5077] newfstatat(AT_FDCWD, "./306/binderfs", [pid 5078] <... unlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./308/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] unlink("./306/binderfs") = 0 [pid 5077] umount2("./306/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6628] munmap(0x7f3feae00000, 138412032 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 6628] <... munmap resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] umount2("./308/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] umount2("./306/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./305/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./308/file0", [pid 5077] newfstatat(AT_FDCWD, "./306/file0", [pid 5076] newfstatat(AT_FDCWD, "./305/file0", [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./306/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5076] umount2("./305/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./306/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "./305/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5076] <... openat resumed>) = 4 [pid 5079] <... close resumed>) = 0 [pid 5077] newfstatat(4, "", [pid 5076] newfstatat(4, "", [pid 6628] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6628] <... openat resumed>) = 4 [pid 5077] getdents64(4, [pid 5076] getdents64(4, [pid 6628] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5076] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5078] umount2("./308/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6629 attached [pid 6628] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(4, [pid 5076] getdents64(4, [pid 6629] set_robust_list(0x555556d3f660, 24 [pid 6628] close(3 [pid 5079] <... clone resumed>, child_tidptr=0x555556d3f650) = 6629 [pid 5078] openat(AT_FDCWD, "./308/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5076] close(4 [pid 5078] newfstatat(4, "", [pid 5077] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 6628] <... close resumed>) = 0 [pid 6629] <... set_robust_list resumed>) = 0 [pid 6628] close(4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] close(4 [pid 5076] rmdir("./305/file0" [pid 6629] chdir("./305" [pid 6628] <... close resumed>) = 0 [pid 5078] getdents64(4, [pid 5077] <... close resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 5077] rmdir("./306/file0" [pid 5076] getdents64(3, 0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5078] getdents64(4, [pid 5076] rmdir("./305" [pid 5078] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./306", 0777 [pid 6628] mkdir("./file0", 0777 [pid 5078] close(4 [pid 5077] getdents64(3, [pid 6629] <... chdir resumed>) = 0 [pid 6628] <... mkdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 6629] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] rmdir("./308/file0" [pid 5077] close(3 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6629] <... prctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 6629] setpgid(0, 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 6629] <... setpgid resumed>) = 0 [pid 5077] rmdir("./306" [pid 6628] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5078] getdents64(3, [pid 6629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 6629] <... openat resumed>) = 3 [pid 6629] write(3, "1000", 4) = 4 [pid 6629] close(3) = 0 [pid 6629] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6629] memfd_create("syzkaller", 0) = 3 [pid 5078] close(3 [pid 5077] mkdir("./307", 0777 [pid 5078] <... close resumed>) = 0 [pid 6629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 5078] rmdir("./308" [pid 5077] <... mkdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] mkdir("./309", 0777 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 298.868913][ T6628] loop4: detected capacity change from 0 to 4096 [ 298.900357][ T6628] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5078] ioctl(3, LOOP_CLR_FD [pid 6629] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... ioctl resumed>) = 0 [pid 6628] <... mount resumed>) = 0 [pid 5076] close(3) = 0 [pid 6628] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6628] <... openat resumed>) = 3 [pid 6628] chdir("./file0" [pid 5076] <... clone resumed>, child_tidptr=0x555556d3f650) = 6630 ./strace-static-x86_64: Process 6630 attached [pid 6628] <... chdir resumed>) = 0 [pid 6630] set_robust_list(0x555556d3f660, 24 [pid 6628] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6630] <... set_robust_list resumed>) = 0 [pid 6628] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6628] exit_group(0 [pid 6630] chdir("./306" [pid 6628] <... exit_group resumed>) = ? [pid 6628] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6628, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5080] umount2("./303", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./303", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 5078] <... ioctl resumed>) = 0 [pid 6630] <... chdir resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./303/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./303/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./303/binderfs" [pid 6630] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... unlink resumed>) = 0 [pid 5078] close(3 [pid 5077] close(3 [pid 6630] <... prctl resumed>) = 0 [pid 6630] setpgid(0, 0 [pid 5077] <... close resumed>) = 0 [pid 6630] <... setpgid resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6630] write(3, "1000", 4 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6630] <... write resumed>) = 4 ./strace-static-x86_64: Process 6631 attached [pid 6630] close(3 [pid 5080] <... umount2 resumed>) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555556d3f650) = 6631 [pid 6630] <... close resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555556d3f650) = 6632 [pid 6630] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 6632 attached [pid 6631] set_robust_list(0x555556d3f660, 24 [pid 6630] <... symlink resumed>) = 0 [pid 6631] <... set_robust_list resumed>) = 0 [pid 6631] chdir("./307" [pid 6630] memfd_create("syzkaller", 0 [pid 6632] set_robust_list(0x555556d3f660, 24 [pid 5080] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6632] <... set_robust_list resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6631] <... chdir resumed>) = 0 [pid 6630] <... memfd_create resumed>) = 3 [pid 6631] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6631] <... prctl resumed>) = 0 [pid 6632] chdir("./309" [pid 6631] setpgid(0, 0 [pid 6630] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] newfstatat(AT_FDCWD, "./303/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6631] <... setpgid resumed>) = 0 [pid 5080] umount2("./303/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./303/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6632] <... chdir resumed>) = 0 [pid 6631] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 4 [pid 6632] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] newfstatat(4, "", [pid 6632] <... prctl resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6632] setpgid(0, 0 [pid 6631] write(3, "1000", 4 [pid 5080] getdents64(4, [pid 6632] <... setpgid resumed>) = 0 [pid 6629] <... write resumed>) = 2097152 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 2 entries */, 32768) = 48 [pid 6632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6631] <... write resumed>) = 4 [pid 5080] getdents64(4, [pid 6631] close(3 [pid 6629] munmap(0x7f3feae00000, 138412032 [pid 5080] <... getdents64 resumed>0x555556d48730 /* 0 entries */, 32768) = 0 [pid 6631] <... close resumed>) = 0 [pid 5080] close(4 [pid 6632] <... openat resumed>) = 3 [pid 6631] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... close resumed>) = 0 [pid 6632] write(3, "1000", 4 [pid 6631] <... symlink resumed>) = 0 [pid 5080] rmdir("./303/file0" [pid 6632] <... write resumed>) = 4 [pid 5080] <... rmdir resumed>) = 0 [pid 6632] close(3) = 0 [pid 6632] symlink("/dev/binderfs", "./binderfs" [pid 5080] getdents64(3, [pid 6632] <... symlink resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555556d406f0 /* 0 entries */, 32768) = 0 [pid 6632] memfd_create("syzkaller", 0 [pid 6631] memfd_create("syzkaller", 0 [pid 6629] <... munmap resumed>) = 0 [pid 6631] <... memfd_create resumed>) = 3 [pid 6629] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] close(3) = 0 [pid 6632] <... memfd_create resumed>) = 3 [pid 5080] rmdir("./303") = 0 [pid 5080] mkdir("./304", 0777 [pid 6632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... mkdir resumed>) = 0 [pid 6632] <... mmap resumed>) = 0x7f3feae00000 [pid 5080] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6631] <... mmap resumed>) = 0x7f3feae00000 [pid 6629] <... openat resumed>) = 4 [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 6629] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6629] close(3) = 0 [pid 6629] close(4) = 0 [pid 6629] mkdir("./file0", 0777) = 0 [ 299.139806][ T6629] loop3: detected capacity change from 0 to 4096 [pid 6632] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6630] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6629] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5080] <... ioctl resumed>) = 0 [pid 6631] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d3f650) = 6633 [ 299.205130][ T6629] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 6633 attached [pid 6632] <... write resumed>) = 2097152 [pid 6633] set_robust_list(0x555556d3f660, 24) = 0 [pid 6633] chdir("./304") = 0 [pid 6633] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6633] setpgid(0, 0) = 0 [pid 6633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6633] write(3, "1000", 4) = 4 [pid 6633] close(3) = 0 [pid 6633] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6633] memfd_create("syzkaller", 0 [pid 6632] munmap(0x7f3feae00000, 138412032) = 0 [pid 6633] <... memfd_create resumed>) = 3 [pid 6633] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3feae00000 [pid 6630] <... write resumed>) = 2097152 [pid 6632] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 299.305561][ C1] ================================================================== [ 299.314323][ C1] BUG: KASAN: out-of-bounds in end_buffer_read_sync+0xc1/0xd0 [ 299.322031][ C1] Write of size 4 at addr ffffc9000a0f76c0 by task ksoftirqd/1/23 [ 299.330181][ C1] [ 299.332537][ C1] CPU: 1 PID: 23 Comm: ksoftirqd/1 Not tainted 6.9.0-rc5-syzkaller-00159-gc942a0cd3603 #0 [ 299.342537][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 299.349894][ T6632] loop2: detected capacity change from 0 to 4096 [ 299.353354][ C1] Call Trace: [ 299.353376][ C1] [ 299.366686][ C1] dump_stack_lvl+0x241/0x360 [ 299.367170][ T6631] loop1: detected capacity change from 0 to 4096 [ 299.371625][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 299.371694][ C1] ? __pfx__printk+0x10/0x10 [ 299.381568][ T6630] loop0: detected capacity change from 0 to 4096 [ 299.385125][ C1] ? _printk+0xd5/0x120 [ 299.407909][ C1] print_report+0x169/0x550 [ 299.414029][ C1] ? wake_bit_function+0xee/0x220 [ 299.419955][ C1] ? __virt_addr_valid+0xbd/0x520 [ 299.426094][ C1] ? end_buffer_read_sync+0xc1/0xd0 [ 299.431975][ C1] kasan_report+0x143/0x180 [ 299.436746][ C1] ? end_buffer_read_sync+0xc1/0xd0 [ 299.443166][ C1] kasan_check_range+0x282/0x290 [ 299.449148][ C1] ? __pfx_end_buffer_read_sync+0x10/0x10 [ 299.457058][ C1] end_buffer_read_sync+0xc1/0xd0 [ 299.464074][ C1] end_bio_bh_io_sync+0xbf/0x120 [ 299.469821][ C1] blk_update_request+0x545/0x1020 [ 299.475201][ C1] blk_mq_end_request+0x3e/0x70 [ 299.481191][ C1] blk_done_softirq+0x100/0x150 [ 299.487075][ C1] __do_softirq+0x2c6/0x980 [ 299.490552][ T6633] loop4: detected capacity change from 0 to 4096 [ 299.492865][ C1] ? run_ksoftirqd+0xc5/0x130 [ 299.492907][ C1] ? __pfx___do_softirq+0x10/0x10 [ 299.511042][ C1] run_ksoftirqd+0xc5/0x130 [ 299.517182][ C1] ? __pfx_run_ksoftirqd+0x10/0x10 [ 299.522984][ C1] ? __pfx_ksoftirqd_should_run+0x10/0x10 [ 299.529589][ C1] ? __pfx_run_ksoftirqd+0x10/0x10 [ 299.534856][ C1] smpboot_thread_fn+0x544/0xa30 [ 299.539434][ T6632] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 299.540556][ C1] ? smpboot_thread_fn+0x4e/0xa30 [ 299.551244][ T6631] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 299.556134][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 299.566693][ T6630] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 299.572471][ C1] kthread+0x2f0/0x390 [ 299.572524][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 299.572560][ C1] ? __pfx_kthread+0x10/0x10 [ 299.602519][ C1] ret_from_fork+0x4b/0x80 [ 299.607260][ C1] ? __pfx_kthread+0x10/0x10 [ 299.612102][ C1] ret_from_fork_asm+0x1a/0x30 [ 299.617101][ C1] [ 299.620206][ T6633] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 299.620258][ C1] [ 299.620272][ C1] The buggy address belongs to the virtual mapping at [ 299.620272][ C1] [ffffc9000a0f0000, ffffc9000a0f9000) created by: [ 299.620272][ C1] copy_process+0x5d1/0x3df0 [ 299.651401][ C1] [ 299.653777][ C1] The buggy address belongs to the physical page: [ 299.660238][ C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e5fa [ 299.669310][ C1] flags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff) [ 299.676477][ C1] page_type: 0xffffffff() [ 299.681213][ C1] raw: 00fff80000000000 0000000000000000 dead000000000122 0000000000000000 [ 299.692901][ C1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [pid 6633] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6632] ioctl(4, LOOP_SET_FD, 3 [pid 6631] <... write resumed>) = 2097152 [pid 6630] munmap(0x7f3feae00000, 138412032) = 0 [pid 6631] munmap(0x7f3feae00000, 138412032) = 0 [pid 6631] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6631] ioctl(4, LOOP_SET_FD, 3 [pid 6630] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6630] ioctl(4, LOOP_SET_FD, 3 [pid 6632] <... ioctl resumed>) = 0 [pid 6632] close(3) = 0 [pid 6632] close(4) = 0 [pid 6632] mkdir("./file0", 0777) = 0 [pid 6632] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6631] <... ioctl resumed>) = 0 [pid 6631] close(3) = 0 [pid 6631] close(4) = 0 [pid 6631] mkdir("./file0", 0777) = 0 [pid 6631] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6630] <... ioctl resumed>) = 0 [pid 6630] close(3) = 0 [pid 6630] close(4) = 0 [pid 6630] mkdir("./file0", 0777) = 0 [pid 6630] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6633] <... write resumed>) = 2097152 [pid 6633] munmap(0x7f3feae00000, 138412032) = 0 [pid 6633] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6633] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6633] close(3) = 0 [pid 6633] close(4) = 0 [pid 6633] mkdir("./file0", 0777) = 0 [pid 6633] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6629] <... mount resumed>) = 0 [pid 6629] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6629] chdir("./file0") = 0 [pid 6629] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6629] exit_group(0) = ? [pid 6629] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6629, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./305", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./305", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555556d406f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./305/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./305/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./305/binderfs") = 0 [ 299.702407][ C1] page dumped because: kasan: bad access detected [ 299.709916][ C1] page_owner tracks the page as allocated [ 299.716296][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5077, tgid 1967969602 (syz-executor318), ts 5077, free_ts 289725075341 [ 299.735912][ C1] post_alloc_hook+0x1ea/0x210 [ 299.741074][ C1] get_page_from_freelist+0x3410/0x35b0 [ 299.748928][ C1] __alloc_pages+0x256/0x6c0 [ 299.753947][ C1] alloc_pages_mpol+0x3e8/0x680 [ 299.758866][ C1] __vmalloc_node_range+0x9a4/0x1490 [ 299.764234][ C1] dup_task_struct+0x3e9/0x7d0 [ 299.769066][ C1] copy_process+0x5d1/0x3df0 [ 299.774187][ C1] kernel_clone+0x223/0x870 [ 299.779258][ C1] __x64_sys_clone+0x258/0x2a0 [ 299.785800][ C1] do_syscall_64+0xf5/0x240 [ 299.790964][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.803283][ C1] page last free pid 5089 tgid 5089 stack trace: [ 299.809926][ C1] free_unref_page_prepare+0x97b/0xaa0 [ 299.815564][ C1] free_unref_folios+0x185/0xb30 [ 299.820836][ C1] folios_put_refs+0x8eb/0xa10 [ 299.825711][ C1] truncate_inode_pages_range+0x47b/0xfc0 [ 299.831866][ C1] blkdev_flush_mapping+0x156/0x2b0 [ 299.837663][ C1] bdev_release+0x489/0x720 [ 299.842407][ C1] blkdev_release+0x15/0x20 [ 299.847506][ C1] __fput+0x429/0x8a0 [ 299.851578][ C1] __x64_sys_close+0x7f/0x110 [ 299.857705][ C1] do_syscall_64+0xf5/0x240 [ 299.863671][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.871103][ C1] [ 299.873454][ C1] Memory state around the buggy address: [ 299.879286][ C1] ffffc9000a0f7580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 299.888871][ C1] ffffc9000a0f7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 299.901138][ C1] >ffffc9000a0f7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 299.909323][ C1] ^ [ 299.916649][ C1] ffffc9000a0f7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 299.924843][ C1] ffffc9000a0f7780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 299.935602][ C1] ================================================================== [ 299.945500][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 299.953955][ C1] CPU: 1 PID: 23 Comm: ksoftirqd/1 Not tainted 6.9.0-rc5-syzkaller-00159-gc942a0cd3603 #0 [ 299.964849][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 299.975510][ C1] Call Trace: [ 299.978808][ C1] [ 299.981845][ C1] dump_stack_lvl+0x241/0x360 [ 299.986595][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 299.992113][ C1] ? __pfx__printk+0x10/0x10 [ 299.996788][ C1] ? vscnprintf+0x5d/0x90 [ 300.001187][ C1] panic+0x349/0x860 [ 300.005149][ C1] ? check_panic_on_warn+0x21/0xb0 [ 300.010961][ C1] ? __pfx_panic+0x10/0x10 [ 300.015472][ C1] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 300.021552][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 300.027496][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 300.034227][ C1] ? print_report+0x502/0x550 [ 300.039145][ C1] check_panic_on_warn+0x86/0xb0 [ 300.044867][ C1] ? end_buffer_read_sync+0xc1/0xd0 [ 300.050116][ C1] end_report+0x77/0x160 [ 300.055128][ C1] kasan_report+0x154/0x180 [ 300.059902][ C1] ? end_buffer_read_sync+0xc1/0xd0 [ 300.066020][ C1] kasan_check_range+0x282/0x290 [ 300.072042][ C1] ? __pfx_end_buffer_read_sync+0x10/0x10 [ 300.079602][ C1] end_buffer_read_sync+0xc1/0xd0 [ 300.085088][ C1] end_bio_bh_io_sync+0xbf/0x120 [ 300.091501][ C1] blk_update_request+0x545/0x1020 [ 300.096755][ C1] blk_mq_end_request+0x3e/0x70 [ 300.104727][ C1] blk_done_softirq+0x100/0x150 [ 300.109677][ C1] __do_softirq+0x2c6/0x980 [ 300.114331][ C1] ? run_ksoftirqd+0xc5/0x130 [ 300.120546][ C1] ? __pfx___do_softirq+0x10/0x10 [ 300.126226][ C1] run_ksoftirqd+0xc5/0x130 [ 300.132205][ C1] ? __pfx_run_ksoftirqd+0x10/0x10 [ 300.138521][ C1] ? __pfx_ksoftirqd_should_run+0x10/0x10 [ 300.145083][ C1] ? __pfx_run_ksoftirqd+0x10/0x10 [ 300.153113][ C1] smpboot_thread_fn+0x544/0xa30 [ 300.158309][ C1] ? smpboot_thread_fn+0x4e/0xa30 [ 300.163669][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 300.170230][ C1] kthread+0x2f0/0x390 [ 300.174352][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 300.180025][ C1] ? __pfx_kthread+0x10/0x10 [ 300.184859][ C1] ret_from_fork+0x4b/0x80 [ 300.189519][ C1] ? __pfx_kthread+0x10/0x10 [ 300.194209][ C1] ret_from_fork_asm+0x1a/0x30 [ 300.199206][ C1] [ 300.203146][ C1] Kernel Offset: disabled [ 300.207675][ C1] Rebooting in 86400 seconds..