./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor722251307 <...> \x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5630] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5630] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5630] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5630] close(3) = 0 [pid 5630] mkdir("./file0", 0777) = 0 [pid 5630] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5630] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5630] chdir("./file0") = 0 [pid 5630] ioctl(4, LOOP_CLR_FD) = 0 [pid 5630] close(4) = 0 [pid 5630] exit_group(0) = ? [pid 5630] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5630, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./602", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./602", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./602/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./602/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./602/binderfs") = 0 umount2("./602/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./602/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./602/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./602/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./602/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./602/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./602") = 0 mkdir("./603", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 93.303741][ T5630] loop0: detected capacity change from 0 to 4096 [ 93.312004][ T5630] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5631 attached , child_tidptr=0x5555568435d0) = 5631 [pid 5631] chdir("./603") = 0 [pid 5631] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5631] setpgid(0, 0) = 0 [pid 5631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5631] write(3, "1000", 4) = 4 [pid 5631] close(3) = 0 [pid 5631] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5631] memfd_create("syzkaller", 0) = 3 [pid 5631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5631] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5631] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5631] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5631] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5631] close(3) = 0 [pid 5631] mkdir("./file0", 0777) = 0 [pid 5631] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5631] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5631] chdir("./file0") = 0 [pid 5631] ioctl(4, LOOP_CLR_FD) = 0 [pid 5631] close(4) = 0 [pid 5631] exit_group(0) = ? [pid 5631] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5631, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./603", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./603", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./603/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./603/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./603/binderfs") = 0 umount2("./603/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./603/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./603/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./603/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./603/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./603/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./603") = 0 mkdir("./604", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 93.390697][ T5631] loop0: detected capacity change from 0 to 4096 [ 93.398990][ T5631] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5632 attached [pid 5632] chdir("./604") = 0 [pid 5632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5632] setpgid(0, 0) = 0 [pid 5632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5632] write(3, "1000", 4) = 4 [pid 5632] close(3) = 0 [pid 5632] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5632 [pid 5632] memfd_create("syzkaller", 0) = 3 [pid 5632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5632] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5632] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5632] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5632] close(3) = 0 [pid 5632] mkdir("./file0", 0777) = 0 [pid 5632] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5632] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5632] chdir("./file0") = 0 [pid 5632] ioctl(4, LOOP_CLR_FD) = 0 [pid 5632] close(4) = 0 [pid 5632] exit_group(0) = ? [pid 5632] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5632, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./604", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./604", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./604/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./604/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./604/binderfs") = 0 umount2("./604/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./604/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./604/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./604/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./604/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./604/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./604") = 0 mkdir("./605", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5633 attached [pid 5633] chdir("./605") = 0 [pid 5633] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5633] setpgid(0, 0) = 0 [pid 5633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5633 [pid 5633] <... openat resumed>) = 3 [pid 5633] write(3, "1000", 4) = 4 [pid 5633] close(3) = 0 [pid 5633] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5633] memfd_create("syzkaller", 0) = 3 [ 93.478793][ T5632] loop0: detected capacity change from 0 to 4096 [ 93.486967][ T5632] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5633] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5633] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5633] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5633] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5633] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5633] close(3) = 0 [pid 5633] mkdir("./file0", 0777) = 0 [pid 5633] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5633] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5633] chdir("./file0") = 0 [pid 5633] ioctl(4, LOOP_CLR_FD) = 0 [pid 5633] close(4) = 0 [pid 5633] exit_group(0) = ? [pid 5633] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5633, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./605", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./605", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./605/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./605/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./605/binderfs") = 0 umount2("./605/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./605/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./605/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./605/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./605/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./605/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./605") = 0 mkdir("./606", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5634 attached , child_tidptr=0x5555568435d0) = 5634 [ 93.558635][ T5633] loop0: detected capacity change from 0 to 4096 [ 93.566795][ T5633] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5634] chdir("./606") = 0 [pid 5634] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5634] setpgid(0, 0) = 0 [pid 5634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5634] write(3, "1000", 4) = 4 [pid 5634] close(3) = 0 [pid 5634] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5634] memfd_create("syzkaller", 0) = 3 [pid 5634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5634] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5634] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5634] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5634] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5634] close(3) = 0 [pid 5634] mkdir("./file0", 0777) = 0 [pid 5634] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5634] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5634] chdir("./file0") = 0 [pid 5634] ioctl(4, LOOP_CLR_FD) = 0 [pid 5634] close(4) = 0 [pid 5634] exit_group(0) = ? [pid 5634] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5634, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./606", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./606", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./606/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./606/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./606/binderfs") = 0 umount2("./606/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./606/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./606/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./606/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./606/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./606/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./606") = 0 mkdir("./607", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 93.643541][ T5634] loop0: detected capacity change from 0 to 4096 [ 93.652023][ T5634] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5635 attached , child_tidptr=0x5555568435d0) = 5635 [pid 5635] chdir("./607") = 0 [pid 5635] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5635] setpgid(0, 0) = 0 [pid 5635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5635] write(3, "1000", 4) = 4 [pid 5635] close(3) = 0 [pid 5635] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5635] memfd_create("syzkaller", 0) = 3 [pid 5635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5635] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5635] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5635] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5635] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5635] close(3) = 0 [pid 5635] mkdir("./file0", 0777) = 0 [pid 5635] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5635] chdir("./file0") = 0 [pid 5635] ioctl(4, LOOP_CLR_FD) = 0 [pid 5635] close(4) = 0 [pid 5635] exit_group(0) = ? [pid 5635] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5635, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./607", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./607", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./607/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./607/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./607/binderfs") = 0 umount2("./607/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./607/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./607/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./607/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./607/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./607/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./607") = 0 mkdir("./608", 0777) = 0 [ 93.730918][ T5635] loop0: detected capacity change from 0 to 4096 [ 93.739440][ T5635] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5636 ./strace-static-x86_64: Process 5636 attached [pid 5636] chdir("./608") = 0 [pid 5636] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5636] setpgid(0, 0) = 0 [pid 5636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5636] write(3, "1000", 4) = 4 [pid 5636] close(3) = 0 [pid 5636] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5636] memfd_create("syzkaller", 0) = 3 [pid 5636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5636] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5636] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5636] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5636] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5636] close(3) = 0 [pid 5636] mkdir("./file0", 0777) = 0 [pid 5636] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5636] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5636] chdir("./file0") = 0 [pid 5636] ioctl(4, LOOP_CLR_FD) = 0 [pid 5636] close(4) = 0 [pid 5636] exit_group(0) = ? [pid 5636] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5636, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./608", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./608", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./608/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./608/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./608/binderfs") = 0 umount2("./608/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./608/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./608/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./608/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./608/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./608/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./608") = 0 mkdir("./609", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5637 ./strace-static-x86_64: Process 5637 attached [pid 5637] chdir("./609") = 0 [ 93.823956][ T5636] loop0: detected capacity change from 0 to 4096 [ 93.832736][ T5636] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5637] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5637] setpgid(0, 0) = 0 [pid 5637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5637] write(3, "1000", 4) = 4 [pid 5637] close(3) = 0 [pid 5637] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5637] memfd_create("syzkaller", 0) = 3 [pid 5637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5637] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5637] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5637] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5637] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5637] close(3) = 0 [pid 5637] mkdir("./file0", 0777) = 0 [pid 5637] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5637] chdir("./file0") = 0 [pid 5637] ioctl(4, LOOP_CLR_FD) = 0 [pid 5637] close(4) = 0 [pid 5637] exit_group(0) = ? [pid 5637] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5637, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./609", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./609", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./609/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./609/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./609/binderfs") = 0 umount2("./609/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./609/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./609/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./609/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./609/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./609/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./609") = 0 mkdir("./610", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5638 ./strace-static-x86_64: Process 5638 attached [pid 5638] chdir("./610") = 0 [pid 5638] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5638] setpgid(0, 0) = 0 [pid 5638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5638] write(3, "1000", 4) = 4 [pid 5638] close(3) = 0 [pid 5638] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5638] memfd_create("syzkaller", 0) = 3 [pid 5638] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 93.907341][ T5637] loop0: detected capacity change from 0 to 4096 [ 93.915553][ T5637] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5638] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5638] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5638] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5638] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5638] close(3) = 0 [pid 5638] mkdir("./file0", 0777) = 0 [pid 5638] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5638] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5638] chdir("./file0") = 0 [pid 5638] ioctl(4, LOOP_CLR_FD) = 0 [pid 5638] close(4) = 0 [pid 5638] exit_group(0) = ? [pid 5638] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5638, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./610", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./610", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./610/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./610/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./610/binderfs") = 0 umount2("./610/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./610/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./610/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./610/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./610/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./610/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 93.988674][ T5638] loop0: detected capacity change from 0 to 4096 [ 93.997209][ T5638] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./610") = 0 mkdir("./611", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5639 ./strace-static-x86_64: Process 5639 attached [pid 5639] chdir("./611") = 0 [pid 5639] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5639] setpgid(0, 0) = 0 [pid 5639] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5639] write(3, "1000", 4) = 4 [pid 5639] close(3) = 0 [pid 5639] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5639] memfd_create("syzkaller", 0) = 3 [pid 5639] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5639] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5639] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5639] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5639] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5639] close(3) = 0 [pid 5639] mkdir("./file0", 0777) = 0 [pid 5639] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5639] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5639] chdir("./file0") = 0 [pid 5639] ioctl(4, LOOP_CLR_FD) = 0 [pid 5639] close(4) = 0 [pid 5639] exit_group(0) = ? [pid 5639] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5639, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./611", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./611", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./611/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./611/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./611/binderfs") = 0 umount2("./611/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./611/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./611/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./611/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./611/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./611/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./611") = 0 [ 94.082179][ T5639] loop0: detected capacity change from 0 to 4096 [ 94.090766][ T5639] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./612", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5640 ./strace-static-x86_64: Process 5640 attached [pid 5640] chdir("./612") = 0 [pid 5640] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5640] setpgid(0, 0) = 0 [pid 5640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5640] write(3, "1000", 4) = 4 [pid 5640] close(3) = 0 [pid 5640] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5640] memfd_create("syzkaller", 0) = 3 [pid 5640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5640] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5640] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5640] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5640] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5640] close(3) = 0 [pid 5640] mkdir("./file0", 0777) = 0 [pid 5640] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5640] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5640] chdir("./file0") = 0 [pid 5640] ioctl(4, LOOP_CLR_FD) = 0 [pid 5640] close(4) = 0 [pid 5640] exit_group(0) = ? [pid 5640] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5640, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./612", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./612", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./612/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./612/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./612/binderfs") = 0 umount2("./612/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./612/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./612/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./612/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./612/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./612/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./612") = 0 mkdir("./613", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 94.185444][ T5640] loop0: detected capacity change from 0 to 4096 [ 94.194069][ T5640] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5641 ./strace-static-x86_64: Process 5641 attached [pid 5641] chdir("./613") = 0 [pid 5641] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5641] setpgid(0, 0) = 0 [pid 5641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5641] write(3, "1000", 4) = 4 [pid 5641] close(3) = 0 [pid 5641] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5641] memfd_create("syzkaller", 0) = 3 [pid 5641] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5641] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5641] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5641] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5641] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5641] close(3) = 0 [pid 5641] mkdir("./file0", 0777) = 0 [pid 5641] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5641] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5641] chdir("./file0") = 0 [pid 5641] ioctl(4, LOOP_CLR_FD) = 0 [pid 5641] close(4) = 0 [pid 5641] exit_group(0) = ? [pid 5641] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5641, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./613", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./613", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./613/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./613/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./613/binderfs") = 0 umount2("./613/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./613/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./613/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./613/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./613/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./613/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./613") = 0 mkdir("./614", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5642 ./strace-static-x86_64: Process 5642 attached [pid 5642] chdir("./614") = 0 [pid 5642] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5642] setpgid(0, 0) = 0 [pid 5642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5642] write(3, "1000", 4) = 4 [pid 5642] close(3) = 0 [pid 5642] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5642] memfd_create("syzkaller", 0) = 3 [pid 5642] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 94.274908][ T5641] loop0: detected capacity change from 0 to 4096 [ 94.284488][ T5641] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5642] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5642] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5642] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5642] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5642] close(3) = 0 [pid 5642] mkdir("./file0", 0777) = 0 [pid 5642] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5642] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5642] chdir("./file0") = 0 [pid 5642] ioctl(4, LOOP_CLR_FD) = 0 [pid 5642] close(4) = 0 [pid 5642] exit_group(0) = ? [pid 5642] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5642, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- umount2("./614", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./614", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./614/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./614/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./614/binderfs") = 0 umount2("./614/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./614/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./614/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./614/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./614/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./614/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./614") = 0 [ 94.351877][ T5642] loop0: detected capacity change from 0 to 4096 [ 94.360669][ T5642] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./615", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5643 ./strace-static-x86_64: Process 5643 attached [pid 5643] chdir("./615") = 0 [pid 5643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5643] setpgid(0, 0) = 0 [pid 5643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5643] write(3, "1000", 4) = 4 [pid 5643] close(3) = 0 [pid 5643] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5643] memfd_create("syzkaller", 0) = 3 [pid 5643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5643] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5643] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5643] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5643] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5643] close(3) = 0 [pid 5643] mkdir("./file0", 0777) = 0 [pid 5643] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5643] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5643] chdir("./file0") = 0 [pid 5643] ioctl(4, LOOP_CLR_FD) = 0 [pid 5643] close(4) = 0 [pid 5643] exit_group(0) = ? [pid 5643] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5643, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./615", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./615", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./615/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./615/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./615/binderfs") = 0 umount2("./615/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./615/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./615/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./615/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./615/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./615/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./615") = 0 mkdir("./616", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5644 ./strace-static-x86_64: Process 5644 attached [pid 5644] chdir("./616") = 0 [pid 5644] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5644] setpgid(0, 0) = 0 [pid 5644] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5644] write(3, "1000", 4) = 4 [pid 5644] close(3) = 0 [ 94.444806][ T5643] loop0: detected capacity change from 0 to 4096 [ 94.453963][ T5643] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5644] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5644] memfd_create("syzkaller", 0) = 3 [pid 5644] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5644] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5644] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5644] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5644] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5644] close(3) = 0 [pid 5644] mkdir("./file0", 0777) = 0 [pid 5644] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5644] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5644] chdir("./file0") = 0 [pid 5644] ioctl(4, LOOP_CLR_FD) = 0 [pid 5644] close(4) = 0 [pid 5644] exit_group(0) = ? [pid 5644] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5644, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./616", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./616", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./616/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./616/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./616/binderfs") = 0 umount2("./616/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./616/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./616/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./616/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./616/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./616/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./616") = 0 mkdir("./617", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5645 ./strace-static-x86_64: Process 5645 attached [pid 5645] chdir("./617") = 0 [pid 5645] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5645] setpgid(0, 0) = 0 [pid 5645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5645] write(3, "1000", 4) = 4 [pid 5645] close(3) = 0 [pid 5645] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5645] memfd_create("syzkaller", 0) = 3 [pid 5645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 94.529589][ T5644] loop0: detected capacity change from 0 to 4096 [ 94.538084][ T5644] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5645] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5645] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5645] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5645] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5645] close(3) = 0 [pid 5645] mkdir("./file0", 0777) = 0 [pid 5645] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5645] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5645] chdir("./file0") = 0 [pid 5645] ioctl(4, LOOP_CLR_FD) = 0 [pid 5645] close(4) = 0 [pid 5645] exit_group(0) = ? [pid 5645] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5645, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./617", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./617", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./617/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./617/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./617/binderfs") = 0 umount2("./617/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./617/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./617/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./617/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./617/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./617/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./617") = 0 mkdir("./618", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5646 ./strace-static-x86_64: Process 5646 attached [pid 5646] chdir("./618") = 0 [pid 5646] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5646] setpgid(0, 0) = 0 [pid 5646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5646] write(3, "1000", 4) = 4 [pid 5646] close(3) = 0 [pid 5646] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5646] memfd_create("syzkaller", 0) = 3 [pid 5646] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 94.607443][ T5645] loop0: detected capacity change from 0 to 4096 [ 94.615349][ T5645] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5646] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5646] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5646] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5646] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5646] close(3) = 0 [pid 5646] mkdir("./file0", 0777) = 0 [pid 5646] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5646] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5646] chdir("./file0") = 0 [pid 5646] ioctl(4, LOOP_CLR_FD) = 0 [pid 5646] close(4) = 0 [pid 5646] exit_group(0) = ? [pid 5646] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5646, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./618", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./618", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./618/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./618/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./618/binderfs") = 0 umount2("./618/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./618/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./618/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./618/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./618/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./618/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./618") = 0 mkdir("./619", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5647 ./strace-static-x86_64: Process 5647 attached [pid 5647] chdir("./619") = 0 [pid 5647] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5647] setpgid(0, 0) = 0 [pid 5647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5647] write(3, "1000", 4) = 4 [pid 5647] close(3) = 0 [pid 5647] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5647] memfd_create("syzkaller", 0) = 3 [pid 5647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 94.684341][ T5646] loop0: detected capacity change from 0 to 4096 [ 94.692589][ T5646] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5647] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5647] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5647] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5647] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5647] close(3) = 0 [pid 5647] mkdir("./file0", 0777) = 0 [pid 5647] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5647] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5647] chdir("./file0") = 0 [pid 5647] ioctl(4, LOOP_CLR_FD) = 0 [pid 5647] close(4) = 0 [pid 5647] exit_group(0) = ? [pid 5647] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5647, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./619", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./619", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./619/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./619/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./619/binderfs") = 0 umount2("./619/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./619/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./619/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./619/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./619/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./619/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./619") = 0 mkdir("./620", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5648 ./strace-static-x86_64: Process 5648 attached [pid 5648] chdir("./620") = 0 [pid 5648] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5648] setpgid(0, 0) = 0 [pid 5648] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5648] write(3, "1000", 4) = 4 [pid 5648] close(3) = 0 [pid 5648] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5648] memfd_create("syzkaller", 0) = 3 [pid 5648] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 94.766445][ T5647] loop0: detected capacity change from 0 to 4096 [ 94.774354][ T5647] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5648] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5648] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5648] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5648] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5648] close(3) = 0 [pid 5648] mkdir("./file0", 0777) = 0 [pid 5648] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5648] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5648] chdir("./file0") = 0 [pid 5648] ioctl(4, LOOP_CLR_FD) = 0 [pid 5648] close(4) = 0 [pid 5648] exit_group(0) = ? [pid 5648] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5648, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./620", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./620", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./620/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./620/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./620/binderfs") = 0 umount2("./620/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./620/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./620/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./620/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./620/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./620/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./620") = 0 mkdir("./621", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5649 ./strace-static-x86_64: Process 5649 attached [pid 5649] chdir("./621") = 0 [pid 5649] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5649] setpgid(0, 0) = 0 [pid 5649] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5649] write(3, "1000", 4) = 4 [pid 5649] close(3) = 0 [pid 5649] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5649] memfd_create("syzkaller", 0) = 3 [pid 5649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 94.840155][ T5648] loop0: detected capacity change from 0 to 4096 [ 94.848797][ T5648] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5649] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5649] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5649] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5649] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5649] close(3) = 0 [pid 5649] mkdir("./file0", 0777) = 0 [pid 5649] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5649] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5649] chdir("./file0") = 0 [pid 5649] ioctl(4, LOOP_CLR_FD) = 0 [pid 5649] close(4) = 0 [pid 5649] exit_group(0) = ? [pid 5649] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5649, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./621", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./621", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./621/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./621/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./621/binderfs") = 0 umount2("./621/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./621/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./621/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./621/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./621/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./621/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./621") = 0 mkdir("./622", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5650 ./strace-static-x86_64: Process 5650 attached [pid 5650] chdir("./622") = 0 [pid 5650] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5650] setpgid(0, 0) = 0 [pid 5650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5650] write(3, "1000", 4) = 4 [pid 5650] close(3) = 0 [pid 5650] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5650] memfd_create("syzkaller", 0) = 3 [pid 5650] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 94.918349][ T5649] loop0: detected capacity change from 0 to 4096 [ 94.927766][ T5649] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5650] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5650] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5650] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5650] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5650] close(3) = 0 [pid 5650] mkdir("./file0", 0777) = 0 [pid 5650] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5650] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5650] chdir("./file0") = 0 [pid 5650] ioctl(4, LOOP_CLR_FD) = 0 [pid 5650] close(4) = 0 [pid 5650] exit_group(0) = ? [pid 5650] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5650, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./622", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./622", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./622/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./622/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./622/binderfs") = 0 umount2("./622/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./622/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./622/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./622/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./622/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./622/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./622") = 0 mkdir("./623", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 94.994677][ T5650] loop0: detected capacity change from 0 to 4096 [ 95.003585][ T5650] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5651 attached , child_tidptr=0x5555568435d0) = 5651 [pid 5651] chdir("./623") = 0 [pid 5651] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5651] setpgid(0, 0) = 0 [pid 5651] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5651] write(3, "1000", 4) = 4 [pid 5651] close(3) = 0 [pid 5651] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5651] memfd_create("syzkaller", 0) = 3 [pid 5651] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5651] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5651] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5651] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5651] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5651] close(3) = 0 [pid 5651] mkdir("./file0", 0777) = 0 [pid 5651] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5651] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5651] chdir("./file0") = 0 [pid 5651] ioctl(4, LOOP_CLR_FD) = 0 [pid 5651] close(4) = 0 [pid 5651] exit_group(0) = ? [pid 5651] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5651, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./623", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./623", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./623/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./623/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./623/binderfs") = 0 umount2("./623/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./623/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./623/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./623/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./623/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./623/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./623") = 0 mkdir("./624", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5652 ./strace-static-x86_64: Process 5652 attached [pid 5652] chdir("./624") = 0 [pid 5652] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5652] setpgid(0, 0) = 0 [ 95.080805][ T5651] loop0: detected capacity change from 0 to 4096 [ 95.089050][ T5651] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5652] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5652] write(3, "1000", 4) = 4 [pid 5652] close(3) = 0 [pid 5652] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5652] memfd_create("syzkaller", 0) = 3 [pid 5652] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5652] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5652] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5652] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5652] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5652] close(3) = 0 [pid 5652] mkdir("./file0", 0777) = 0 [pid 5652] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5652] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5652] chdir("./file0") = 0 [pid 5652] ioctl(4, LOOP_CLR_FD) = 0 [pid 5652] close(4) = 0 [pid 5652] exit_group(0) = ? [pid 5652] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5652, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./624", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./624", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./624/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./624/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./624/binderfs") = 0 umount2("./624/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./624/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./624/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./624/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./624/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./624/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./624") = 0 mkdir("./625", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5653 ./strace-static-x86_64: Process 5653 attached [pid 5653] chdir("./625") = 0 [pid 5653] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5653] setpgid(0, 0) = 0 [pid 5653] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5653] write(3, "1000", 4) = 4 [pid 5653] close(3) = 0 [pid 5653] symlink("/dev/binderfs", "./binderfs") = 0 [ 95.165319][ T5652] loop0: detected capacity change from 0 to 4096 [ 95.173748][ T5652] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5653] memfd_create("syzkaller", 0) = 3 [pid 5653] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5653] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5653] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5653] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5653] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5653] close(3) = 0 [pid 5653] mkdir("./file0", 0777) = 0 [pid 5653] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5653] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5653] chdir("./file0") = 0 [pid 5653] ioctl(4, LOOP_CLR_FD) = 0 [pid 5653] close(4) = 0 [pid 5653] exit_group(0) = ? [pid 5653] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5653, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./625", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./625", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./625/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./625/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./625/binderfs") = 0 umount2("./625/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./625/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./625/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./625/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./625/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./625/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./625") = 0 mkdir("./626", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5654 ./strace-static-x86_64: Process 5654 attached [pid 5654] chdir("./626") = 0 [pid 5654] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5654] setpgid(0, 0) = 0 [pid 5654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5654] write(3, "1000", 4) = 4 [pid 5654] close(3) = 0 [pid 5654] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5654] memfd_create("syzkaller", 0) = 3 [pid 5654] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 95.246421][ T5653] loop0: detected capacity change from 0 to 4096 [ 95.254579][ T5653] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5654] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5654] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5654] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5654] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5654] close(3) = 0 [pid 5654] mkdir("./file0", 0777) = 0 [pid 5654] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5654] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5654] chdir("./file0") = 0 [pid 5654] ioctl(4, LOOP_CLR_FD) = 0 [pid 5654] close(4) = 0 [pid 5654] exit_group(0) = ? [pid 5654] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5654, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./626", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./626", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./626/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./626/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./626/binderfs") = 0 umount2("./626/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./626/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./626/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./626/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./626/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./626/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./626") = 0 mkdir("./627", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 95.322814][ T5654] loop0: detected capacity change from 0 to 4096 [ 95.332131][ T5654] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5655 ./strace-static-x86_64: Process 5655 attached [pid 5655] chdir("./627") = 0 [pid 5655] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5655] setpgid(0, 0) = 0 [pid 5655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5655] write(3, "1000", 4) = 4 [pid 5655] close(3) = 0 [pid 5655] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5655] memfd_create("syzkaller", 0) = 3 [pid 5655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5655] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5655] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5655] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5655] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5655] close(3) = 0 [pid 5655] mkdir("./file0", 0777) = 0 [pid 5655] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5655] chdir("./file0") = 0 [pid 5655] ioctl(4, LOOP_CLR_FD) = 0 [pid 5655] close(4) = 0 [pid 5655] exit_group(0) = ? [pid 5655] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5655, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./627", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./627", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./627/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./627/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./627/binderfs") = 0 umount2("./627/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./627/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./627/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./627/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./627/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./627/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./627") = 0 mkdir("./628", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5656 ./strace-static-x86_64: Process 5656 attached [pid 5656] chdir("./628") = 0 [pid 5656] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5656] setpgid(0, 0) = 0 [ 95.414235][ T5655] loop0: detected capacity change from 0 to 4096 [ 95.422793][ T5655] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5656] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5656] write(3, "1000", 4) = 4 [pid 5656] close(3) = 0 [pid 5656] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5656] memfd_create("syzkaller", 0) = 3 [pid 5656] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5656] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5656] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5656] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5656] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5656] close(3) = 0 [pid 5656] mkdir("./file0", 0777) = 0 [pid 5656] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5656] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5656] chdir("./file0") = 0 [pid 5656] ioctl(4, LOOP_CLR_FD) = 0 [pid 5656] close(4) = 0 [pid 5656] exit_group(0) = ? [pid 5656] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5656, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./628", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./628", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./628/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./628/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./628/binderfs") = 0 umount2("./628/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./628/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./628/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./628/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./628/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./628/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./628") = 0 mkdir("./629", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5657 attached , child_tidptr=0x5555568435d0) = 5657 [pid 5657] chdir("./629") = 0 [pid 5657] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5657] setpgid(0, 0) = 0 [pid 5657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5657] write(3, "1000", 4) = 4 [pid 5657] close(3) = 0 [pid 5657] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5657] memfd_create("syzkaller", 0) = 3 [pid 5657] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 95.499612][ T5656] loop0: detected capacity change from 0 to 4096 [ 95.508130][ T5656] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5657] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5657] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5657] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5657] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5657] close(3) = 0 [pid 5657] mkdir("./file0", 0777) = 0 [pid 5657] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5657] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5657] chdir("./file0") = 0 [pid 5657] ioctl(4, LOOP_CLR_FD) = 0 [pid 5657] close(4) = 0 [pid 5657] exit_group(0) = ? [pid 5657] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5657, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./629", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./629", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./629/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./629/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./629/binderfs") = 0 umount2("./629/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./629/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./629/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./629/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./629/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./629/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./629") = 0 mkdir("./630", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5658 ./strace-static-x86_64: Process 5658 attached [pid 5658] chdir("./630") = 0 [pid 5658] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5658] setpgid(0, 0) = 0 [pid 5658] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5658] write(3, "1000", 4) = 4 [pid 5658] close(3) = 0 [pid 5658] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5658] memfd_create("syzkaller", 0) = 3 [pid 5658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 95.580980][ T5657] loop0: detected capacity change from 0 to 4096 [ 95.589118][ T5657] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5658] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5658] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5658] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5658] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5658] close(3) = 0 [pid 5658] mkdir("./file0", 0777) = 0 [pid 5658] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5658] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5658] chdir("./file0") = 0 [pid 5658] ioctl(4, LOOP_CLR_FD) = 0 [pid 5658] close(4) = 0 [pid 5658] exit_group(0) = ? [pid 5658] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5658, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./630", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./630", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./630/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./630/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./630/binderfs") = 0 umount2("./630/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./630/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./630/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./630/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./630/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./630/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./630") = 0 mkdir("./631", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5659 ./strace-static-x86_64: Process 5659 attached [pid 5659] chdir("./631") = 0 [pid 5659] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5659] setpgid(0, 0) = 0 [pid 5659] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5659] write(3, "1000", 4) = 4 [pid 5659] close(3) = 0 [pid 5659] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5659] memfd_create("syzkaller", 0) = 3 [ 95.654830][ T5658] loop0: detected capacity change from 0 to 4096 [ 95.664561][ T5658] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5659] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5659] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5659] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5659] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5659] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5659] close(3) = 0 [pid 5659] mkdir("./file0", 0777) = 0 [pid 5659] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5659] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5659] chdir("./file0") = 0 [pid 5659] ioctl(4, LOOP_CLR_FD) = 0 [pid 5659] close(4) = 0 [pid 5659] exit_group(0) = ? [pid 5659] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5659, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./631", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./631", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./631/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./631/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./631/binderfs") = 0 umount2("./631/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./631/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./631/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./631/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./631/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./631/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./631") = 0 mkdir("./632", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5660 ./strace-static-x86_64: Process 5660 attached [pid 5660] chdir("./632") = 0 [pid 5660] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5660] setpgid(0, 0) = 0 [pid 5660] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5660] write(3, "1000", 4) = 4 [pid 5660] close(3) = 0 [pid 5660] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5660] memfd_create("syzkaller", 0) = 3 [pid 5660] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 95.733734][ T5659] loop0: detected capacity change from 0 to 4096 [ 95.742626][ T5659] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5660] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5660] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5660] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5660] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5660] close(3) = 0 [pid 5660] mkdir("./file0", 0777) = 0 [pid 5660] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5660] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5660] chdir("./file0") = 0 [pid 5660] ioctl(4, LOOP_CLR_FD) = 0 [pid 5660] close(4) = 0 [pid 5660] exit_group(0) = ? [pid 5660] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5660, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./632", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./632", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./632/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./632/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./632/binderfs") = 0 umount2("./632/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./632/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./632/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./632/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./632/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./632/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./632") = 0 mkdir("./633", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 95.814116][ T5660] loop0: detected capacity change from 0 to 4096 [ 95.822679][ T5660] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5661 ./strace-static-x86_64: Process 5661 attached [pid 5661] chdir("./633") = 0 [pid 5661] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5661] setpgid(0, 0) = 0 [pid 5661] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5661] write(3, "1000", 4) = 4 [pid 5661] close(3) = 0 [pid 5661] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5661] memfd_create("syzkaller", 0) = 3 [pid 5661] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5661] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5661] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5661] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5661] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5661] close(3) = 0 [pid 5661] mkdir("./file0", 0777) = 0 [pid 5661] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5661] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5661] chdir("./file0") = 0 [pid 5661] ioctl(4, LOOP_CLR_FD) = 0 [pid 5661] close(4) = 0 [pid 5661] exit_group(0) = ? [pid 5661] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5661, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./633", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./633", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./633/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./633/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./633/binderfs") = 0 umount2("./633/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./633/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./633/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./633/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./633/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./633/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./633") = 0 mkdir("./634", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5662 ./strace-static-x86_64: Process 5662 attached [pid 5662] chdir("./634") = 0 [pid 5662] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5662] setpgid(0, 0) = 0 [pid 5662] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5662] write(3, "1000", 4) = 4 [pid 5662] close(3) = 0 [pid 5662] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5662] memfd_create("syzkaller", 0) = 3 [ 95.902881][ T5661] loop0: detected capacity change from 0 to 4096 [ 95.911161][ T5661] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5662] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5662] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5662] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5662] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5662] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5662] close(3) = 0 [pid 5662] mkdir("./file0", 0777) = 0 [pid 5662] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5662] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5662] chdir("./file0") = 0 [pid 5662] ioctl(4, LOOP_CLR_FD) = 0 [pid 5662] close(4) = 0 [pid 5662] exit_group(0) = ? [pid 5662] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5662, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./634", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./634", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./634/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./634/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./634/binderfs") = 0 umount2("./634/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./634/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./634/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./634/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./634/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./634/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./634") = 0 mkdir("./635", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5663 ./strace-static-x86_64: Process 5663 attached [pid 5663] chdir("./635") = 0 [pid 5663] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 95.981929][ T5662] loop0: detected capacity change from 0 to 4096 [ 95.990574][ T5662] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5663] setpgid(0, 0) = 0 [pid 5663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5663] write(3, "1000", 4) = 4 [pid 5663] close(3) = 0 [pid 5663] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5663] memfd_create("syzkaller", 0) = 3 [pid 5663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5663] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5663] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5663] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5663] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5663] close(3) = 0 [pid 5663] mkdir("./file0", 0777) = 0 [pid 5663] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5663] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5663] chdir("./file0") = 0 [pid 5663] ioctl(4, LOOP_CLR_FD) = 0 [pid 5663] close(4) = 0 [pid 5663] exit_group(0) = ? [pid 5663] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5663, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./635", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./635", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./635/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./635/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./635/binderfs") = 0 umount2("./635/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./635/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./635/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./635/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./635/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./635/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./635") = 0 mkdir("./636", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 96.070019][ T5663] loop0: detected capacity change from 0 to 4096 [ 96.078509][ T5663] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5664 attached [pid 5664] chdir("./636") = 0 [pid 5664] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5664] setpgid(0, 0) = 0 [pid 5664] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5664] write(3, "1000", 4) = 4 [pid 5664] close(3) = 0 [pid 5664] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5664 [pid 5664] memfd_create("syzkaller", 0) = 3 [pid 5664] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5664] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5664] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5664] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5664] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5664] close(3) = 0 [pid 5664] mkdir("./file0", 0777) = 0 [pid 5664] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5664] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5664] chdir("./file0") = 0 [pid 5664] ioctl(4, LOOP_CLR_FD) = 0 [pid 5664] close(4) = 0 [pid 5664] exit_group(0) = ? [pid 5664] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5664, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./636", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./636", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./636/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./636/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./636/binderfs") = 0 umount2("./636/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./636/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./636/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./636/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./636/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./636/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./636") = 0 mkdir("./637", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 96.159224][ T5664] loop0: detected capacity change from 0 to 4096 [ 96.167601][ T5664] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5665 attached [pid 5665] chdir("./637") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5665 [pid 5665] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5665] setpgid(0, 0) = 0 [pid 5665] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5665] write(3, "1000", 4) = 4 [pid 5665] close(3) = 0 [pid 5665] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5665] memfd_create("syzkaller", 0) = 3 [pid 5665] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5665] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5665] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5665] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5665] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5665] close(3) = 0 [pid 5665] mkdir("./file0", 0777) = 0 [pid 5665] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5665] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5665] chdir("./file0") = 0 [pid 5665] ioctl(4, LOOP_CLR_FD) = 0 [pid 5665] close(4) = 0 [pid 5665] exit_group(0) = ? [pid 5665] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5665, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./637", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./637", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./637/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./637/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./637/binderfs") = 0 umount2("./637/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./637/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./637/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./637/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./637/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./637/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./637") = 0 mkdir("./638", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5666 ./strace-static-x86_64: Process 5666 attached [pid 5666] chdir("./638") = 0 [pid 5666] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5666] setpgid(0, 0) = 0 [pid 5666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5666] write(3, "1000", 4) = 4 [pid 5666] close(3) = 0 [pid 5666] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5666] memfd_create("syzkaller", 0) = 3 [pid 5666] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 96.248222][ T5665] loop0: detected capacity change from 0 to 4096 [ 96.256338][ T5665] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5666] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5666] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5666] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5666] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5666] close(3) = 0 [pid 5666] mkdir("./file0", 0777) = 0 [pid 5666] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5666] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5666] chdir("./file0") = 0 [pid 5666] ioctl(4, LOOP_CLR_FD) = 0 [pid 5666] close(4) = 0 [pid 5666] exit_group(0) = ? [pid 5666] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5666, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./638", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./638", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./638/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./638/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./638/binderfs") = 0 umount2("./638/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./638/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./638/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./638/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./638/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./638/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./638") = 0 mkdir("./639", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5667 ./strace-static-x86_64: Process 5667 attached [pid 5667] chdir("./639") = 0 [pid 5667] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5667] setpgid(0, 0) = 0 [pid 5667] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5667] write(3, "1000", 4) = 4 [pid 5667] close(3) = 0 [ 96.330341][ T5666] loop0: detected capacity change from 0 to 4096 [ 96.339469][ T5666] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5667] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5667] memfd_create("syzkaller", 0) = 3 [pid 5667] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5667] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5667] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5667] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5667] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5667] close(3) = 0 [pid 5667] mkdir("./file0", 0777) = 0 [pid 5667] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5667] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5667] chdir("./file0") = 0 [pid 5667] ioctl(4, LOOP_CLR_FD) = 0 [pid 5667] close(4) = 0 [pid 5667] exit_group(0) = ? [pid 5667] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5667, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./639", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./639", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./639/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./639/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./639/binderfs") = 0 umount2("./639/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./639/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./639/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./639/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./639/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./639/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./639") = 0 mkdir("./640", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5668 ./strace-static-x86_64: Process 5668 attached [pid 5668] chdir("./640") = 0 [pid 5668] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5668] setpgid(0, 0) = 0 [pid 5668] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5668] write(3, "1000", 4) = 4 [pid 5668] close(3) = 0 [pid 5668] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5668] memfd_create("syzkaller", 0) = 3 [pid 5668] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 96.410832][ T5667] loop0: detected capacity change from 0 to 4096 [ 96.419697][ T5667] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5668] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5668] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5668] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5668] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5668] close(3) = 0 [pid 5668] mkdir("./file0", 0777) = 0 [pid 5668] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5668] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5668] chdir("./file0") = 0 [pid 5668] ioctl(4, LOOP_CLR_FD) = 0 [pid 5668] close(4) = 0 [pid 5668] exit_group(0) = ? [pid 5668] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5668, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./640", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./640", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./640/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./640/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./640/binderfs") = 0 umount2("./640/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./640/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./640/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./640/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./640/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./640/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./640") = 0 mkdir("./641", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 96.485247][ T5668] loop0: detected capacity change from 0 to 4096 [ 96.493577][ T5668] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5669 attached , child_tidptr=0x5555568435d0) = 5669 [pid 5669] chdir("./641") = 0 [pid 5669] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5669] setpgid(0, 0) = 0 [pid 5669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5669] write(3, "1000", 4) = 4 [pid 5669] close(3) = 0 [pid 5669] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5669] memfd_create("syzkaller", 0) = 3 [pid 5669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5669] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5669] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5669] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5669] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5669] close(3) = 0 [pid 5669] mkdir("./file0", 0777) = 0 [pid 5669] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5669] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5669] chdir("./file0") = 0 [pid 5669] ioctl(4, LOOP_CLR_FD) = 0 [pid 5669] close(4) = 0 [pid 5669] exit_group(0) = ? [pid 5669] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5669, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./641", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./641", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./641/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./641/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./641/binderfs") = 0 umount2("./641/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./641/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./641/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./641/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./641/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./641/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./641") = 0 mkdir("./642", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5670 ./strace-static-x86_64: Process 5670 attached [pid 5670] chdir("./642") = 0 [pid 5670] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5670] setpgid(0, 0) = 0 [pid 5670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 96.569725][ T5669] loop0: detected capacity change from 0 to 4096 [ 96.577803][ T5669] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5670] write(3, "1000", 4) = 4 [pid 5670] close(3) = 0 [pid 5670] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5670] memfd_create("syzkaller", 0) = 3 [pid 5670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5670] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5670] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5670] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5670] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5670] close(3) = 0 [pid 5670] mkdir("./file0", 0777) = 0 [pid 5670] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5670] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5670] chdir("./file0") = 0 [pid 5670] ioctl(4, LOOP_CLR_FD) = 0 [pid 5670] close(4) = 0 [pid 5670] exit_group(0) = ? [pid 5670] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5670, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./642", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./642", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./642/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./642/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./642/binderfs") = 0 umount2("./642/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./642/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./642/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./642/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./642/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./642/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./642") = 0 mkdir("./643", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5671 ./strace-static-x86_64: Process 5671 attached [pid 5671] chdir("./643") = 0 [pid 5671] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5671] setpgid(0, 0) = 0 [pid 5671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5671] write(3, "1000", 4) = 4 [pid 5671] close(3) = 0 [pid 5671] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5671] memfd_create("syzkaller", 0) = 3 [pid 5671] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 96.653846][ T5670] loop0: detected capacity change from 0 to 4096 [ 96.662140][ T5670] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5671] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5671] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5671] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5671] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5671] close(3) = 0 [pid 5671] mkdir("./file0", 0777) = 0 [pid 5671] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5671] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5671] chdir("./file0") = 0 [pid 5671] ioctl(4, LOOP_CLR_FD) = 0 [pid 5671] close(4) = 0 [pid 5671] exit_group(0) = ? [pid 5671] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5671, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./643", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./643", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./643/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./643/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./643/binderfs") = 0 umount2("./643/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./643/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./643/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./643/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./643/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./643/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./643") = 0 mkdir("./644", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5672 attached , child_tidptr=0x5555568435d0) = 5672 [pid 5672] chdir("./644") = 0 [ 96.734943][ T5671] loop0: detected capacity change from 0 to 4096 [ 96.743207][ T5671] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5672] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5672] setpgid(0, 0) = 0 [pid 5672] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5672] write(3, "1000", 4) = 4 [pid 5672] close(3) = 0 [pid 5672] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5672] memfd_create("syzkaller", 0) = 3 [pid 5672] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5672] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5672] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5672] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5672] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5672] close(3) = 0 [pid 5672] mkdir("./file0", 0777) = 0 [pid 5672] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5672] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5672] chdir("./file0") = 0 [pid 5672] ioctl(4, LOOP_CLR_FD) = 0 [pid 5672] close(4) = 0 [pid 5672] exit_group(0) = ? [pid 5672] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5672, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./644", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./644", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./644/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./644/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./644/binderfs") = 0 umount2("./644/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./644/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./644/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./644/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./644/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./644/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./644") = 0 mkdir("./645", 0777) = 0 [ 96.819568][ T5672] loop0: detected capacity change from 0 to 4096 [ 96.828182][ T5672] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5673 attached [pid 5673] chdir("./645" [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5673 [pid 5673] <... chdir resumed>) = 0 [pid 5673] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5673] setpgid(0, 0) = 0 [pid 5673] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5673] write(3, "1000", 4) = 4 [pid 5673] close(3) = 0 [pid 5673] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5673] memfd_create("syzkaller", 0) = 3 [pid 5673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5673] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5673] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5673] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5673] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5673] close(3) = 0 [pid 5673] mkdir("./file0", 0777) = 0 [pid 5673] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5673] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5673] chdir("./file0") = 0 [pid 5673] ioctl(4, LOOP_CLR_FD) = 0 [pid 5673] close(4) = 0 [pid 5673] exit_group(0) = ? [pid 5673] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5673, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./645", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./645", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./645/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./645/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./645/binderfs") = 0 umount2("./645/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./645/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./645/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./645/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./645/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./645/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./645") = 0 mkdir("./646", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5674 ./strace-static-x86_64: Process 5674 attached [pid 5674] chdir("./646") = 0 [pid 5674] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5674] setpgid(0, 0) = 0 [pid 5674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5674] write(3, "1000", 4) = 4 [pid 5674] close(3) = 0 [pid 5674] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5674] memfd_create("syzkaller", 0) = 3 [pid 5674] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 96.910050][ T5673] loop0: detected capacity change from 0 to 4096 [ 96.918371][ T5673] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5674] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5674] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5674] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5674] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5674] close(3) = 0 [pid 5674] mkdir("./file0", 0777) = 0 [pid 5674] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5674] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5674] chdir("./file0") = 0 [pid 5674] ioctl(4, LOOP_CLR_FD) = 0 [pid 5674] close(4) = 0 [pid 5674] exit_group(0) = ? [pid 5674] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5674, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./646", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./646", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./646/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./646/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./646/binderfs") = 0 umount2("./646/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./646/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./646/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./646/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./646/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./646/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./646") = 0 mkdir("./647", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5675 ./strace-static-x86_64: Process 5675 attached [pid 5675] chdir("./647") = 0 [pid 5675] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5675] setpgid(0, 0) = 0 [pid 5675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5675] write(3, "1000", 4) = 4 [pid 5675] close(3) = 0 [pid 5675] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5675] memfd_create("syzkaller", 0) = 3 [pid 5675] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 96.994421][ T5674] loop0: detected capacity change from 0 to 4096 [ 97.002941][ T5674] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5675] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5675] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5675] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5675] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5675] close(3) = 0 [pid 5675] mkdir("./file0", 0777) = 0 [pid 5675] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5675] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5675] chdir("./file0") = 0 [pid 5675] ioctl(4, LOOP_CLR_FD) = 0 [pid 5675] close(4) = 0 [pid 5675] exit_group(0) = ? [pid 5675] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5675, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./647", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./647", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./647/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./647/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./647/binderfs") = 0 umount2("./647/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./647/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./647/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./647/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./647/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./647/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./647") = 0 mkdir("./648", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5676 ./strace-static-x86_64: Process 5676 attached [pid 5676] chdir("./648") = 0 [pid 5676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5676] setpgid(0, 0) = 0 [pid 5676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5676] write(3, "1000", 4) = 4 [pid 5676] close(3) = 0 [pid 5676] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5676] memfd_create("syzkaller", 0) = 3 [pid 5676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 97.068296][ T5675] loop0: detected capacity change from 0 to 4096 [ 97.077040][ T5675] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5676] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5676] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5676] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5676] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5676] close(3) = 0 [pid 5676] mkdir("./file0", 0777) = 0 [pid 5676] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5676] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5676] chdir("./file0") = 0 [pid 5676] ioctl(4, LOOP_CLR_FD) = 0 [pid 5676] close(4) = 0 [pid 5676] exit_group(0) = ? [pid 5676] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5676, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./648", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./648", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./648/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./648/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./648/binderfs") = 0 umount2("./648/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./648/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./648/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./648/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./648/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./648/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./648") = 0 mkdir("./649", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 97.145043][ T5676] loop0: detected capacity change from 0 to 4096 [ 97.153688][ T5676] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5677 attached , child_tidptr=0x5555568435d0) = 5677 [pid 5677] chdir("./649") = 0 [pid 5677] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5677] setpgid(0, 0) = 0 [pid 5677] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5677] write(3, "1000", 4) = 4 [pid 5677] close(3) = 0 [pid 5677] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5677] memfd_create("syzkaller", 0) = 3 [pid 5677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5677] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5677] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5677] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5677] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5677] close(3) = 0 [pid 5677] mkdir("./file0", 0777) = 0 [pid 5677] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5677] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5677] chdir("./file0") = 0 [pid 5677] ioctl(4, LOOP_CLR_FD) = 0 [pid 5677] close(4) = 0 [pid 5677] exit_group(0) = ? [pid 5677] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5677, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./649", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./649", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./649/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./649/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./649/binderfs") = 0 umount2("./649/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./649/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./649/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./649/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./649/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./649/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./649") = 0 mkdir("./650", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 97.233704][ T5677] loop0: detected capacity change from 0 to 4096 [ 97.241867][ T5677] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5678 attached , child_tidptr=0x5555568435d0) = 5678 [pid 5678] chdir("./650") = 0 [pid 5678] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5678] setpgid(0, 0) = 0 [pid 5678] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5678] write(3, "1000", 4) = 4 [pid 5678] close(3) = 0 [pid 5678] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5678] memfd_create("syzkaller", 0) = 3 [pid 5678] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5678] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5678] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5678] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5678] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5678] close(3) = 0 [pid 5678] mkdir("./file0", 0777) = 0 [pid 5678] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5678] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5678] chdir("./file0") = 0 [pid 5678] ioctl(4, LOOP_CLR_FD) = 0 [pid 5678] close(4) = 0 [pid 5678] exit_group(0) = ? [pid 5678] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5678, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./650", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./650", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./650/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./650/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./650/binderfs") = 0 umount2("./650/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./650/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./650/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./650/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./650/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./650/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./650") = 0 mkdir("./651", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5679 ./strace-static-x86_64: Process 5679 attached [pid 5679] chdir("./651") = 0 [pid 5679] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5679] setpgid(0, 0) = 0 [pid 5679] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5679] write(3, "1000", 4) = 4 [pid 5679] close(3) = 0 [pid 5679] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5679] memfd_create("syzkaller", 0) = 3 [pid 5679] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 97.323327][ T5678] loop0: detected capacity change from 0 to 4096 [ 97.331736][ T5678] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5679] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5679] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5679] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5679] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5679] close(3) = 0 [pid 5679] mkdir("./file0", 0777) = 0 [pid 5679] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5679] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5679] chdir("./file0") = 0 [pid 5679] ioctl(4, LOOP_CLR_FD) = 0 [pid 5679] close(4) = 0 [pid 5679] exit_group(0) = ? [pid 5679] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5679, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./651", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./651", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./651/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./651/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./651/binderfs") = 0 umount2("./651/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./651/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./651/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./651/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./651/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./651/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./651") = 0 mkdir("./652", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 97.395479][ T5679] loop0: detected capacity change from 0 to 4096 [ 97.403988][ T5679] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5680 attached [pid 5680] chdir("./652") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5680 [pid 5680] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5680] setpgid(0, 0) = 0 [pid 5680] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5680] write(3, "1000", 4) = 4 [pid 5680] close(3) = 0 [pid 5680] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5680] memfd_create("syzkaller", 0) = 3 [pid 5680] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5680] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5680] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5680] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5680] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5680] close(3) = 0 [pid 5680] mkdir("./file0", 0777) = 0 [pid 5680] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5680] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5680] chdir("./file0") = 0 [pid 5680] ioctl(4, LOOP_CLR_FD) = 0 [pid 5680] close(4) = 0 [pid 5680] exit_group(0) = ? [pid 5680] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5680, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./652", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./652", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./652/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./652/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./652/binderfs") = 0 umount2("./652/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./652/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./652/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./652/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./652/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./652/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./652") = 0 mkdir("./653", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 97.483459][ T5680] loop0: detected capacity change from 0 to 4096 [ 97.492091][ T5680] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5681 ./strace-static-x86_64: Process 5681 attached [pid 5681] chdir("./653") = 0 [pid 5681] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5681] setpgid(0, 0) = 0 [pid 5681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5681] write(3, "1000", 4) = 4 [pid 5681] close(3) = 0 [pid 5681] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5681] memfd_create("syzkaller", 0) = 3 [pid 5681] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5681] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5681] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5681] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5681] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5681] close(3) = 0 [pid 5681] mkdir("./file0", 0777) = 0 [pid 5681] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5681] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5681] chdir("./file0") = 0 [pid 5681] ioctl(4, LOOP_CLR_FD) = 0 [pid 5681] close(4) = 0 [pid 5681] exit_group(0) = ? [pid 5681] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5681, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./653", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./653", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./653/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./653/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./653/binderfs") = 0 umount2("./653/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./653/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./653/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./653/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./653/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./653/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./653") = 0 mkdir("./654", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5682 attached , child_tidptr=0x5555568435d0) = 5682 [pid 5682] chdir("./654") = 0 [pid 5682] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5682] setpgid(0, 0) = 0 [pid 5682] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5682] write(3, "1000", 4) = 4 [pid 5682] close(3) = 0 [pid 5682] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5682] memfd_create("syzkaller", 0) = 3 [pid 5682] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 97.568049][ T5681] loop0: detected capacity change from 0 to 4096 [ 97.576500][ T5681] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5682] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5682] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5682] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5682] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5682] close(3) = 0 [pid 5682] mkdir("./file0", 0777) = 0 [pid 5682] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5682] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5682] chdir("./file0") = 0 [pid 5682] ioctl(4, LOOP_CLR_FD) = 0 [pid 5682] close(4) = 0 [pid 5682] exit_group(0) = ? [pid 5682] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5682, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./654", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./654", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./654/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./654/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./654/binderfs") = 0 umount2("./654/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./654/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./654/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./654/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./654/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./654/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./654") = 0 mkdir("./655", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5683 ./strace-static-x86_64: Process 5683 attached [pid 5683] chdir("./655") = 0 [pid 5683] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5683] setpgid(0, 0) = 0 [pid 5683] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5683] write(3, "1000", 4) = 4 [pid 5683] close(3) = 0 [pid 5683] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5683] memfd_create("syzkaller", 0) = 3 [pid 5683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 97.648279][ T5682] loop0: detected capacity change from 0 to 4096 [ 97.657690][ T5682] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5683] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5683] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5683] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5683] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5683] close(3) = 0 [pid 5683] mkdir("./file0", 0777) = 0 [pid 5683] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5683] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5683] chdir("./file0") = 0 [pid 5683] ioctl(4, LOOP_CLR_FD) = 0 [pid 5683] close(4) = 0 [pid 5683] exit_group(0) = ? [pid 5683] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5683, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./655", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./655", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./655/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./655/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./655/binderfs") = 0 umount2("./655/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./655/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./655/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./655/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./655/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./655/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./655") = 0 [ 97.724806][ T5683] loop0: detected capacity change from 0 to 4096 [ 97.733399][ T5683] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./656", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5684 attached , child_tidptr=0x5555568435d0) = 5684 [pid 5684] chdir("./656") = 0 [pid 5684] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5684] setpgid(0, 0) = 0 [pid 5684] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5684] write(3, "1000", 4) = 4 [pid 5684] close(3) = 0 [pid 5684] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5684] memfd_create("syzkaller", 0) = 3 [pid 5684] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5684] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5684] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5684] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5684] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5684] close(3) = 0 [pid 5684] mkdir("./file0", 0777) = 0 [pid 5684] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5684] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5684] chdir("./file0") = 0 [pid 5684] ioctl(4, LOOP_CLR_FD) = 0 [pid 5684] close(4) = 0 [pid 5684] exit_group(0) = ? [pid 5684] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5684, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./656", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./656", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./656/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./656/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./656/binderfs") = 0 umount2("./656/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./656/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./656/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./656/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./656/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./656/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./656") = 0 mkdir("./657", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5685 attached , child_tidptr=0x5555568435d0) = 5685 [pid 5685] chdir("./657") = 0 [pid 5685] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5685] setpgid(0, 0) = 0 [pid 5685] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5685] write(3, "1000", 4) = 4 [pid 5685] close(3) = 0 [pid 5685] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5685] memfd_create("syzkaller", 0) = 3 [pid 5685] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 97.817820][ T5684] loop0: detected capacity change from 0 to 4096 [ 97.826074][ T5684] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5685] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5685] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5685] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5685] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5685] close(3) = 0 [pid 5685] mkdir("./file0", 0777) = 0 [pid 5685] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5685] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5685] chdir("./file0") = 0 [pid 5685] ioctl(4, LOOP_CLR_FD) = 0 [pid 5685] close(4) = 0 [pid 5685] exit_group(0) = ? [pid 5685] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5685, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./657", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./657", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./657/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./657/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./657/binderfs") = 0 umount2("./657/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./657/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./657/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./657/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./657/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./657/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./657") = 0 mkdir("./658", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5686 attached , child_tidptr=0x5555568435d0) = 5686 [pid 5686] chdir("./658") = 0 [pid 5686] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5686] setpgid(0, 0) = 0 [pid 5686] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5686] write(3, "1000", 4) = 4 [pid 5686] close(3) = 0 [pid 5686] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5686] memfd_create("syzkaller", 0) = 3 [pid 5686] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 97.897641][ T5685] loop0: detected capacity change from 0 to 4096 [ 97.905957][ T5685] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5686] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5686] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5686] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5686] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5686] close(3) = 0 [pid 5686] mkdir("./file0", 0777) = 0 [pid 5686] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5686] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5686] chdir("./file0") = 0 [pid 5686] ioctl(4, LOOP_CLR_FD) = 0 [pid 5686] close(4) = 0 [pid 5686] exit_group(0) = ? [pid 5686] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5686, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./658", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./658", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./658/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./658/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./658/binderfs") = 0 umount2("./658/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./658/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./658/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./658/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./658/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./658/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./658") = 0 mkdir("./659", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5687 ./strace-static-x86_64: Process 5687 attached [pid 5687] chdir("./659") = 0 [pid 5687] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5687] setpgid(0, 0) = 0 [pid 5687] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5687] write(3, "1000", 4) = 4 [ 97.975232][ T5686] loop0: detected capacity change from 0 to 4096 [ 97.983181][ T5686] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5687] close(3) = 0 [pid 5687] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5687] memfd_create("syzkaller", 0) = 3 [pid 5687] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5687] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5687] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5687] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5687] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5687] close(3) = 0 [pid 5687] mkdir("./file0", 0777) = 0 [pid 5687] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5687] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5687] chdir("./file0") = 0 [pid 5687] ioctl(4, LOOP_CLR_FD) = 0 [pid 5687] close(4) = 0 [pid 5687] exit_group(0) = ? [pid 5687] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5687, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./659", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./659", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./659/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./659/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./659/binderfs") = 0 umount2("./659/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./659/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./659/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./659/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./659/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./659/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./659") = 0 mkdir("./660", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 98.060312][ T5687] loop0: detected capacity change from 0 to 4096 [ 98.068898][ T5687] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5688 attached , child_tidptr=0x5555568435d0) = 5688 [pid 5688] chdir("./660") = 0 [pid 5688] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5688] setpgid(0, 0) = 0 [pid 5688] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5688] write(3, "1000", 4) = 4 [pid 5688] close(3) = 0 [pid 5688] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5688] memfd_create("syzkaller", 0) = 3 [pid 5688] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5688] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5688] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5688] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5688] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5688] close(3) = 0 [pid 5688] mkdir("./file0", 0777) = 0 [pid 5688] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5688] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5688] chdir("./file0") = 0 [pid 5688] ioctl(4, LOOP_CLR_FD) = 0 [pid 5688] close(4) = 0 [pid 5688] exit_group(0) = ? [pid 5688] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5688, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./660", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./660", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./660/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./660/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./660/binderfs") = 0 umount2("./660/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./660/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./660/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./660/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./660/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./660/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./660") = 0 mkdir("./661", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5689 attached , child_tidptr=0x5555568435d0) = 5689 [pid 5689] chdir("./661") = 0 [pid 5689] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5689] setpgid(0, 0) = 0 [pid 5689] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5689] write(3, "1000", 4) = 4 [pid 5689] close(3) = 0 [pid 5689] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5689] memfd_create("syzkaller", 0) = 3 [pid 5689] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 98.149476][ T5688] loop0: detected capacity change from 0 to 4096 [ 98.158138][ T5688] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5689] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5689] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5689] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5689] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5689] close(3) = 0 [pid 5689] mkdir("./file0", 0777) = 0 [pid 5689] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5689] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5689] chdir("./file0") = 0 [pid 5689] ioctl(4, LOOP_CLR_FD) = 0 [pid 5689] close(4) = 0 [pid 5689] exit_group(0) = ? [pid 5689] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5689, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./661", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./661", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./661/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./661/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./661/binderfs") = 0 umount2("./661/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./661/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./661/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./661/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./661/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./661/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./661") = 0 mkdir("./662", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5690 ./strace-static-x86_64: Process 5690 attached [pid 5690] chdir("./662") = 0 [pid 5690] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5690] setpgid(0, 0) = 0 [pid 5690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 98.228738][ T5689] loop0: detected capacity change from 0 to 4096 [ 98.237168][ T5689] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5690] write(3, "1000", 4) = 4 [pid 5690] close(3) = 0 [pid 5690] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5690] memfd_create("syzkaller", 0) = 3 [pid 5690] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5690] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5690] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5690] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5690] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5690] close(3) = 0 [pid 5690] mkdir("./file0", 0777) = 0 [pid 5690] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5690] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5690] chdir("./file0") = 0 [pid 5690] ioctl(4, LOOP_CLR_FD) = 0 [pid 5690] close(4) = 0 [pid 5690] exit_group(0) = ? [pid 5690] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5690, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./662", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./662", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./662/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./662/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./662/binderfs") = 0 umount2("./662/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./662/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./662/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./662/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./662/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./662/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./662") = 0 mkdir("./663", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5691 ./strace-static-x86_64: Process 5691 attached [pid 5691] chdir("./663") = 0 [pid 5691] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5691] setpgid(0, 0) = 0 [pid 5691] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5691] write(3, "1000", 4) = 4 [pid 5691] close(3) = 0 [ 98.311334][ T5690] loop0: detected capacity change from 0 to 4096 [ 98.319890][ T5690] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5691] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5691] memfd_create("syzkaller", 0) = 3 [pid 5691] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5691] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5691] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5691] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5691] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5691] close(3) = 0 [pid 5691] mkdir("./file0", 0777) = 0 [pid 5691] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5691] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5691] chdir("./file0") = 0 [pid 5691] ioctl(4, LOOP_CLR_FD) = 0 [pid 5691] close(4) = 0 [pid 5691] exit_group(0) = ? [pid 5691] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5691, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./663", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./663", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./663/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./663/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./663/binderfs") = 0 umount2("./663/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./663/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./663/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./663/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./663/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./663/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./663") = 0 mkdir("./664", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 98.392937][ T5691] loop0: detected capacity change from 0 to 4096 [ 98.401482][ T5691] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5692 ./strace-static-x86_64: Process 5692 attached [pid 5692] chdir("./664") = 0 [pid 5692] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5692] setpgid(0, 0) = 0 [pid 5692] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5692] write(3, "1000", 4) = 4 [pid 5692] close(3) = 0 [pid 5692] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5692] memfd_create("syzkaller", 0) = 3 [pid 5692] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5692] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5692] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5692] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5692] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5692] close(3) = 0 [pid 5692] mkdir("./file0", 0777) = 0 [pid 5692] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5692] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5692] chdir("./file0") = 0 [pid 5692] ioctl(4, LOOP_CLR_FD) = 0 [pid 5692] close(4) = 0 [pid 5692] exit_group(0) = ? [pid 5692] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5692, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./664", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./664", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./664/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./664/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./664/binderfs") = 0 umount2("./664/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./664/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./664/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./664/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./664/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./664/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./664") = 0 mkdir("./665", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5693 ./strace-static-x86_64: Process 5693 attached [pid 5693] chdir("./665") = 0 [pid 5693] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5693] setpgid(0, 0) = 0 [pid 5693] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5693] write(3, "1000", 4) = 4 [pid 5693] close(3) = 0 [ 98.481712][ T5692] loop0: detected capacity change from 0 to 4096 [ 98.490365][ T5692] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5693] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5693] memfd_create("syzkaller", 0) = 3 [pid 5693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5693] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5693] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5693] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5693] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5693] close(3) = 0 [pid 5693] mkdir("./file0", 0777) = 0 [pid 5693] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5693] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5693] chdir("./file0") = 0 [pid 5693] ioctl(4, LOOP_CLR_FD) = 0 [pid 5693] close(4) = 0 [pid 5693] exit_group(0) = ? [pid 5693] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5693, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./665", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./665", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./665/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./665/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./665/binderfs") = 0 umount2("./665/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./665/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./665/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./665/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./665/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./665/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./665") = 0 mkdir("./666", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5694 attached , child_tidptr=0x5555568435d0) = 5694 [pid 5694] chdir("./666") = 0 [pid 5694] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5694] setpgid(0, 0) = 0 [pid 5694] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5694] write(3, "1000", 4) = 4 [pid 5694] close(3) = 0 [pid 5694] symlink("/dev/binderfs", "./binderfs") = 0 [ 98.562069][ T5693] loop0: detected capacity change from 0 to 4096 [ 98.570699][ T5693] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5694] memfd_create("syzkaller", 0) = 3 [pid 5694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5694] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5694] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5694] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5694] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5694] close(3) = 0 [pid 5694] mkdir("./file0", 0777) = 0 [pid 5694] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5694] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5694] chdir("./file0") = 0 [pid 5694] ioctl(4, LOOP_CLR_FD) = 0 [pid 5694] close(4) = 0 [pid 5694] exit_group(0) = ? [pid 5694] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5694, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./666", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./666", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./666/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./666/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./666/binderfs") = 0 umount2("./666/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./666/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./666/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./666/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./666/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./666/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./666") = 0 mkdir("./667", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 98.650682][ T5694] loop0: detected capacity change from 0 to 4096 [ 98.659052][ T5694] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5695 ./strace-static-x86_64: Process 5695 attached [pid 5695] chdir("./667") = 0 [pid 5695] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5695] setpgid(0, 0) = 0 [pid 5695] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5695] write(3, "1000", 4) = 4 [pid 5695] close(3) = 0 [pid 5695] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5695] memfd_create("syzkaller", 0) = 3 [pid 5695] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5695] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5695] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5695] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5695] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5695] close(3) = 0 [pid 5695] mkdir("./file0", 0777) = 0 [pid 5695] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5695] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5695] chdir("./file0") = 0 [pid 5695] ioctl(4, LOOP_CLR_FD) = 0 [pid 5695] close(4) = 0 [pid 5695] exit_group(0) = ? [pid 5695] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5695, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./667", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./667", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./667/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./667/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./667/binderfs") = 0 umount2("./667/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./667/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./667/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./667/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./667/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./667/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./667") = 0 mkdir("./668", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 98.744192][ T5695] loop0: detected capacity change from 0 to 4096 [ 98.753042][ T5695] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5696 ./strace-static-x86_64: Process 5696 attached [pid 5696] chdir("./668") = 0 [pid 5696] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5696] setpgid(0, 0) = 0 [pid 5696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5696] write(3, "1000", 4) = 4 [pid 5696] close(3) = 0 [pid 5696] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5696] memfd_create("syzkaller", 0) = 3 [pid 5696] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5696] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5696] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5696] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5696] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5696] close(3) = 0 [pid 5696] mkdir("./file0", 0777) = 0 [pid 5696] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5696] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5696] chdir("./file0") = 0 [pid 5696] ioctl(4, LOOP_CLR_FD) = 0 [pid 5696] close(4) = 0 [pid 5696] exit_group(0) = ? [pid 5696] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5696, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./668", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./668", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./668/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./668/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./668/binderfs") = 0 umount2("./668/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./668/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./668/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./668/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./668/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./668/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./668") = 0 mkdir("./669", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 98.839967][ T5696] loop0: detected capacity change from 0 to 4096 [ 98.848614][ T5696] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5697 ./strace-static-x86_64: Process 5697 attached [pid 5697] chdir("./669") = 0 [pid 5697] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5697] setpgid(0, 0) = 0 [pid 5697] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5697] write(3, "1000", 4) = 4 [pid 5697] close(3) = 0 [pid 5697] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5697] memfd_create("syzkaller", 0) = 3 [pid 5697] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5697] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5697] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5697] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5697] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5697] close(3) = 0 [pid 5697] mkdir("./file0", 0777) = 0 [pid 5697] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5697] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5697] chdir("./file0") = 0 [pid 5697] ioctl(4, LOOP_CLR_FD) = 0 [pid 5697] close(4) = 0 [pid 5697] exit_group(0) = ? [pid 5697] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5697, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./669", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./669", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./669/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./669/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./669/binderfs") = 0 umount2("./669/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./669/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./669/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./669/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./669/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./669/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./669") = 0 mkdir("./670", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5698 ./strace-static-x86_64: Process 5698 attached [pid 5698] chdir("./670") = 0 [pid 5698] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5698] setpgid(0, 0) = 0 [pid 5698] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5698] write(3, "1000", 4) = 4 [pid 5698] close(3) = 0 [pid 5698] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5698] memfd_create("syzkaller", 0) = 3 [pid 5698] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 98.930303][ T5697] loop0: detected capacity change from 0 to 4096 [ 98.939107][ T5697] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5698] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5698] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5698] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5698] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5698] close(3) = 0 [pid 5698] mkdir("./file0", 0777) = 0 [pid 5698] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5698] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5698] chdir("./file0") = 0 [pid 5698] ioctl(4, LOOP_CLR_FD) = 0 [pid 5698] close(4) = 0 [pid 5698] exit_group(0) = ? [pid 5698] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5698, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./670", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./670", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./670/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./670/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./670/binderfs") = 0 umount2("./670/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./670/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./670/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./670/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./670/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./670/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 99.006809][ T5698] loop0: detected capacity change from 0 to 4096 [ 99.015381][ T5698] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./670") = 0 mkdir("./671", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5699 attached [pid 5699] chdir("./671" [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5699 [pid 5699] <... chdir resumed>) = 0 [pid 5699] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5699] setpgid(0, 0) = 0 [pid 5699] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5699] write(3, "1000", 4) = 4 [pid 5699] close(3) = 0 [pid 5699] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5699] memfd_create("syzkaller", 0) = 3 [pid 5699] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5699] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5699] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5699] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5699] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5699] close(3) = 0 [pid 5699] mkdir("./file0", 0777) = 0 [pid 5699] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5699] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5699] chdir("./file0") = 0 [pid 5699] ioctl(4, LOOP_CLR_FD) = 0 [pid 5699] close(4) = 0 [pid 5699] exit_group(0) = ? [pid 5699] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5699, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./671", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./671", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./671/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./671/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./671/binderfs") = 0 umount2("./671/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./671/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./671/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./671/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./671/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./671/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./671") = 0 mkdir("./672", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5700 ./strace-static-x86_64: Process 5700 attached [pid 5700] chdir("./672") = 0 [pid 5700] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5700] setpgid(0, 0) = 0 [pid 5700] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5700] write(3, "1000", 4) = 4 [pid 5700] close(3) = 0 [pid 5700] symlink("/dev/binderfs", "./binderfs") = 0 [ 99.098421][ T5699] loop0: detected capacity change from 0 to 4096 [ 99.106833][ T5699] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5700] memfd_create("syzkaller", 0) = 3 [pid 5700] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5700] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5700] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5700] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5700] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5700] close(3) = 0 [pid 5700] mkdir("./file0", 0777) = 0 [pid 5700] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5700] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5700] chdir("./file0") = 0 [pid 5700] ioctl(4, LOOP_CLR_FD) = 0 [pid 5700] close(4) = 0 [pid 5700] exit_group(0) = ? [pid 5700] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5700, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./672", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./672", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./672/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./672/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./672/binderfs") = 0 umount2("./672/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./672/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./672/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./672/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./672/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./672/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./672") = 0 mkdir("./673", 0777) = 0 [ 99.178909][ T5700] loop0: detected capacity change from 0 to 4096 [ 99.187237][ T5700] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5701 ./strace-static-x86_64: Process 5701 attached [pid 5701] chdir("./673") = 0 [pid 5701] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5701] setpgid(0, 0) = 0 [pid 5701] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5701] write(3, "1000", 4) = 4 [pid 5701] close(3) = 0 [pid 5701] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5701] memfd_create("syzkaller", 0) = 3 [pid 5701] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5701] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5701] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5701] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5701] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5701] close(3) = 0 [pid 5701] mkdir("./file0", 0777) = 0 [pid 5701] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5701] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5701] chdir("./file0") = 0 [pid 5701] ioctl(4, LOOP_CLR_FD) = 0 [pid 5701] close(4) = 0 [pid 5701] exit_group(0) = ? [pid 5701] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5701, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./673", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./673", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./673/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./673/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./673/binderfs") = 0 umount2("./673/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./673/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./673/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./673/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./673/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./673/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 [ 99.269430][ T5701] loop0: detected capacity change from 0 to 4096 [ 99.278210][ T5701] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 rmdir("./673") = 0 mkdir("./674", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5702 ./strace-static-x86_64: Process 5702 attached [pid 5702] chdir("./674") = 0 [pid 5702] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5702] setpgid(0, 0) = 0 [pid 5702] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5702] write(3, "1000", 4) = 4 [pid 5702] close(3) = 0 [pid 5702] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5702] memfd_create("syzkaller", 0) = 3 [pid 5702] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5702] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5702] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5702] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5702] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5702] close(3) = 0 [pid 5702] mkdir("./file0", 0777) = 0 [pid 5702] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5702] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5702] chdir("./file0") = 0 [pid 5702] ioctl(4, LOOP_CLR_FD) = 0 [pid 5702] close(4) = 0 [pid 5702] exit_group(0) = ? [pid 5702] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5702, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./674", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./674", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./674/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./674/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./674/binderfs") = 0 umount2("./674/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./674/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./674/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./674/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./674/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./674/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./674") = 0 mkdir("./675", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5703 ./strace-static-x86_64: Process 5703 attached [pid 5703] chdir("./675") = 0 [pid 5703] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5703] setpgid(0, 0) = 0 [pid 5703] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 99.364609][ T5702] loop0: detected capacity change from 0 to 4096 [ 99.373067][ T5702] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5703] write(3, "1000", 4) = 4 [pid 5703] close(3) = 0 [pid 5703] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5703] memfd_create("syzkaller", 0) = 3 [pid 5703] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5703] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5703] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5703] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5703] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5703] close(3) = 0 [pid 5703] mkdir("./file0", 0777) = 0 [pid 5703] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5703] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5703] chdir("./file0") = 0 [pid 5703] ioctl(4, LOOP_CLR_FD) = 0 [pid 5703] close(4) = 0 [pid 5703] exit_group(0) = ? [pid 5703] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5703, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./675", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./675", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./675/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./675/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./675/binderfs") = 0 umount2("./675/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./675/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./675/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./675/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./675/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./675/file0") = 0 [ 99.451196][ T5703] loop0: detected capacity change from 0 to 4096 [ 99.460574][ T5703] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./675") = 0 mkdir("./676", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5704 attached [pid 5704] chdir("./676") = 0 [pid 5704] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5704] setpgid(0, 0) = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5704 [pid 5704] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5704] write(3, "1000", 4) = 4 [pid 5704] close(3) = 0 [pid 5704] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5704] memfd_create("syzkaller", 0) = 3 [pid 5704] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5704] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5704] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5704] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5704] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5704] close(3) = 0 [pid 5704] mkdir("./file0", 0777) = 0 [pid 5704] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5704] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5704] chdir("./file0") = 0 [pid 5704] ioctl(4, LOOP_CLR_FD) = 0 [pid 5704] close(4) = 0 [pid 5704] exit_group(0) = ? [pid 5704] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5704, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./676", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./676", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./676/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./676/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./676/binderfs") = 0 umount2("./676/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./676/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./676/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./676/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./676/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./676/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./676") = 0 mkdir("./677", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5705 ./strace-static-x86_64: Process 5705 attached [pid 5705] chdir("./677") = 0 [pid 5705] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5705] setpgid(0, 0) = 0 [pid 5705] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5705] write(3, "1000", 4) = 4 [pid 5705] close(3) = 0 [pid 5705] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5705] memfd_create("syzkaller", 0) = 3 [pid 5705] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 99.543893][ T5704] loop0: detected capacity change from 0 to 4096 [ 99.553519][ T5704] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5705] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5705] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5705] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5705] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5705] close(3) = 0 [pid 5705] mkdir("./file0", 0777) = 0 [pid 5705] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5705] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5705] chdir("./file0") = 0 [pid 5705] ioctl(4, LOOP_CLR_FD) = 0 [pid 5705] close(4) = 0 [pid 5705] exit_group(0) = ? [pid 5705] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5705, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./677", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./677", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./677/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./677/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./677/binderfs") = 0 umount2("./677/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./677/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./677/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./677/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./677/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./677/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./677") = 0 mkdir("./678", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5706 ./strace-static-x86_64: Process 5706 attached [ 99.631056][ T5705] loop0: detected capacity change from 0 to 4096 [ 99.639559][ T5705] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5706] chdir("./678") = 0 [pid 5706] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5706] setpgid(0, 0) = 0 [pid 5706] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5706] write(3, "1000", 4) = 4 [pid 5706] close(3) = 0 [pid 5706] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5706] memfd_create("syzkaller", 0) = 3 [pid 5706] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5706] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5706] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5706] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5706] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5706] close(3) = 0 [pid 5706] mkdir("./file0", 0777) = 0 [pid 5706] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5706] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5706] chdir("./file0") = 0 [pid 5706] ioctl(4, LOOP_CLR_FD) = 0 [pid 5706] close(4) = 0 [pid 5706] exit_group(0) = ? [pid 5706] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5706, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./678", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./678", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./678/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./678/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./678/binderfs") = 0 umount2("./678/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./678/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./678/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./678/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./678/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./678/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./678") = 0 [ 99.720417][ T5706] loop0: detected capacity change from 0 to 4096 [ 99.729035][ T5706] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./679", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5707 ./strace-static-x86_64: Process 5707 attached [pid 5707] chdir("./679") = 0 [pid 5707] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5707] setpgid(0, 0) = 0 [pid 5707] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5707] write(3, "1000", 4) = 4 [pid 5707] close(3) = 0 [pid 5707] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5707] memfd_create("syzkaller", 0) = 3 [pid 5707] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5707] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5707] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5707] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5707] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5707] close(3) = 0 [pid 5707] mkdir("./file0", 0777) = 0 [pid 5707] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5707] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5707] chdir("./file0") = 0 [pid 5707] ioctl(4, LOOP_CLR_FD) = 0 [pid 5707] close(4) = 0 [pid 5707] exit_group(0) = ? [pid 5707] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5707, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./679", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./679", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./679/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./679/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./679/binderfs") = 0 umount2("./679/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./679/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./679/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./679/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./679/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./679/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./679") = 0 mkdir("./680", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 99.813409][ T5707] loop0: detected capacity change from 0 to 4096 [ 99.822018][ T5707] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5708 ./strace-static-x86_64: Process 5708 attached [pid 5708] chdir("./680") = 0 [pid 5708] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5708] setpgid(0, 0) = 0 [pid 5708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5708] write(3, "1000", 4) = 4 [pid 5708] close(3) = 0 [pid 5708] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5708] memfd_create("syzkaller", 0) = 3 [pid 5708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5708] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5708] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5708] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5708] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5708] close(3) = 0 [pid 5708] mkdir("./file0", 0777) = 0 [pid 5708] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5708] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5708] chdir("./file0") = 0 [pid 5708] ioctl(4, LOOP_CLR_FD) = 0 [pid 5708] close(4) = 0 [pid 5708] exit_group(0) = ? [pid 5708] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5708, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./680", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./680", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./680/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./680/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./680/binderfs") = 0 umount2("./680/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./680/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./680/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./680/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./680/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./680/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./680") = 0 mkdir("./681", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5709 ./strace-static-x86_64: Process 5709 attached [pid 5709] chdir("./681") = 0 [pid 5709] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5709] setpgid(0, 0) = 0 [pid 5709] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5709] write(3, "1000", 4) = 4 [pid 5709] close(3) = 0 [pid 5709] symlink("/dev/binderfs", "./binderfs") = 0 [ 99.898974][ T5708] loop0: detected capacity change from 0 to 4096 [ 99.907509][ T5708] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5709] memfd_create("syzkaller", 0) = 3 [pid 5709] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5709] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5709] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5709] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5709] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5709] close(3) = 0 [pid 5709] mkdir("./file0", 0777) = 0 [pid 5709] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5709] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5709] chdir("./file0") = 0 [pid 5709] ioctl(4, LOOP_CLR_FD) = 0 [pid 5709] close(4) = 0 [pid 5709] exit_group(0) = ? [pid 5709] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5709, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./681", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./681", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./681/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./681/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./681/binderfs") = 0 umount2("./681/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./681/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./681/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./681/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./681/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./681/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./681") = 0 mkdir("./682", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5710 ./strace-static-x86_64: Process 5710 attached [pid 5710] chdir("./682") = 0 [pid 5710] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5710] setpgid(0, 0) = 0 [pid 5710] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5710] write(3, "1000", 4) = 4 [pid 5710] close(3) = 0 [pid 5710] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5710] memfd_create("syzkaller", 0) = 3 [pid 5710] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 99.980595][ T5709] loop0: detected capacity change from 0 to 4096 [ 99.988902][ T5709] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5710] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5710] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5710] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5710] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5710] close(3) = 0 [pid 5710] mkdir("./file0", 0777) = 0 [pid 5710] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5710] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5710] chdir("./file0") = 0 [pid 5710] ioctl(4, LOOP_CLR_FD) = 0 [pid 5710] close(4) = 0 [pid 5710] exit_group(0) = ? [pid 5710] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5710, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./682", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./682", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./682/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./682/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./682/binderfs") = 0 umount2("./682/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./682/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./682/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./682/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./682/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./682/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./682") = 0 mkdir("./683", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5711 ./strace-static-x86_64: Process 5711 attached [pid 5711] chdir("./683") = 0 [pid 5711] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5711] setpgid(0, 0) = 0 [pid 5711] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5711] write(3, "1000", 4) = 4 [pid 5711] close(3) = 0 [pid 5711] symlink("/dev/binderfs", "./binderfs") = 0 [ 100.058147][ T5710] loop0: detected capacity change from 0 to 4096 [ 100.066803][ T5710] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5711] memfd_create("syzkaller", 0) = 3 [pid 5711] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5711] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5711] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5711] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5711] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5711] close(3) = 0 [pid 5711] mkdir("./file0", 0777) = 0 [pid 5711] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5711] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5711] chdir("./file0") = 0 [pid 5711] ioctl(4, LOOP_CLR_FD) = 0 [pid 5711] close(4) = 0 [pid 5711] exit_group(0) = ? [pid 5711] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5711, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./683", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./683", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./683/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./683/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./683/binderfs") = 0 umount2("./683/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./683/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./683/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./683/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./683/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./683/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./683") = 0 mkdir("./684", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5712 ./strace-static-x86_64: Process 5712 attached [pid 5712] chdir("./684") = 0 [pid 5712] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5712] setpgid(0, 0) = 0 [pid 5712] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5712] write(3, "1000", 4) = 4 [pid 5712] close(3) = 0 [pid 5712] symlink("/dev/binderfs", "./binderfs") = 0 [ 100.147486][ T5711] loop0: detected capacity change from 0 to 4096 [ 100.155936][ T5711] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5712] memfd_create("syzkaller", 0) = 3 [pid 5712] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5712] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5712] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5712] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5712] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5712] close(3) = 0 [pid 5712] mkdir("./file0", 0777) = 0 [pid 5712] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5712] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5712] chdir("./file0") = 0 [pid 5712] ioctl(4, LOOP_CLR_FD) = 0 [pid 5712] close(4) = 0 [pid 5712] exit_group(0) = ? [pid 5712] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5712, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./684", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./684", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./684/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./684/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./684/binderfs") = 0 umount2("./684/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./684/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./684/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./684/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./684/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./684/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./684") = 0 [ 100.230175][ T5712] loop0: detected capacity change from 0 to 4096 [ 100.238467][ T5712] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./685", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5713 attached , child_tidptr=0x5555568435d0) = 5713 [pid 5713] chdir("./685") = 0 [pid 5713] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5713] setpgid(0, 0) = 0 [pid 5713] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5713] write(3, "1000", 4) = 4 [pid 5713] close(3) = 0 [pid 5713] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5713] memfd_create("syzkaller", 0) = 3 [pid 5713] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5713] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5713] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5713] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5713] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5713] close(3) = 0 [pid 5713] mkdir("./file0", 0777) = 0 [pid 5713] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5713] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5713] chdir("./file0") = 0 [pid 5713] ioctl(4, LOOP_CLR_FD) = 0 [pid 5713] close(4) = 0 [pid 5713] exit_group(0) = ? [pid 5713] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5713, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./685", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./685", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./685/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./685/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./685/binderfs") = 0 umount2("./685/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./685/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./685/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./685/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./685/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./685/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./685") = 0 mkdir("./686", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5714 ./strace-static-x86_64: Process 5714 attached [ 100.324461][ T5713] loop0: detected capacity change from 0 to 4096 [ 100.332748][ T5713] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5714] chdir("./686") = 0 [pid 5714] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5714] setpgid(0, 0) = 0 [pid 5714] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5714] write(3, "1000", 4) = 4 [pid 5714] close(3) = 0 [pid 5714] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5714] memfd_create("syzkaller", 0) = 3 [pid 5714] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5714] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5714] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5714] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5714] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5714] close(3) = 0 [pid 5714] mkdir("./file0", 0777) = 0 [pid 5714] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5714] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5714] chdir("./file0") = 0 [pid 5714] ioctl(4, LOOP_CLR_FD) = 0 [pid 5714] close(4) = 0 [pid 5714] exit_group(0) = ? [pid 5714] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5714, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./686", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./686", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./686/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./686/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./686/binderfs") = 0 umount2("./686/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./686/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./686/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./686/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./686/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./686/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./686") = 0 mkdir("./687", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 100.408976][ T5714] loop0: detected capacity change from 0 to 4096 [ 100.417779][ T5714] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5715 ./strace-static-x86_64: Process 5715 attached [pid 5715] chdir("./687") = 0 [pid 5715] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5715] setpgid(0, 0) = 0 [pid 5715] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5715] write(3, "1000", 4) = 4 [pid 5715] close(3) = 0 [pid 5715] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5715] memfd_create("syzkaller", 0) = 3 [pid 5715] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5715] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5715] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5715] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5715] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5715] close(3) = 0 [pid 5715] mkdir("./file0", 0777) = 0 [pid 5715] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5715] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5715] chdir("./file0") = 0 [pid 5715] ioctl(4, LOOP_CLR_FD) = 0 [pid 5715] close(4) = 0 [pid 5715] exit_group(0) = ? [pid 5715] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5715, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./687", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./687", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./687/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./687/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./687/binderfs") = 0 umount2("./687/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./687/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./687/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./687/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./687/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./687/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./687") = 0 mkdir("./688", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5716 ./strace-static-x86_64: Process 5716 attached [pid 5716] chdir("./688") = 0 [pid 5716] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5716] setpgid(0, 0) = 0 [pid 5716] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5716] write(3, "1000", 4) = 4 [pid 5716] close(3) = 0 [pid 5716] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5716] memfd_create("syzkaller", 0) = 3 [pid 5716] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 100.491805][ T5715] loop0: detected capacity change from 0 to 4096 [ 100.500003][ T5715] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5716] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5716] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5716] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5716] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5716] close(3) = 0 [pid 5716] mkdir("./file0", 0777) = 0 [pid 5716] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5716] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5716] chdir("./file0") = 0 [pid 5716] ioctl(4, LOOP_CLR_FD) = 0 [pid 5716] close(4) = 0 [pid 5716] exit_group(0) = ? [pid 5716] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5716, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./688", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./688", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./688/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./688/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./688/binderfs") = 0 umount2("./688/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./688/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./688/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./688/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./688/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./688/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./688") = 0 mkdir("./689", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5717 ./strace-static-x86_64: Process 5717 attached [pid 5717] chdir("./689") = 0 [ 100.570693][ T5716] loop0: detected capacity change from 0 to 4096 [ 100.579008][ T5716] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5717] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5717] setpgid(0, 0) = 0 [pid 5717] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5717] write(3, "1000", 4) = 4 [pid 5717] close(3) = 0 [pid 5717] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5717] memfd_create("syzkaller", 0) = 3 [pid 5717] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5717] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5717] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5717] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5717] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5717] close(3) = 0 [pid 5717] mkdir("./file0", 0777) = 0 [pid 5717] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5717] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5717] chdir("./file0") = 0 [pid 5717] ioctl(4, LOOP_CLR_FD) = 0 [pid 5717] close(4) = 0 [pid 5717] exit_group(0) = ? [pid 5717] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5717, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./689", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./689", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./689/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./689/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./689/binderfs") = 0 umount2("./689/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./689/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./689/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./689/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./689/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./689/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./689") = 0 mkdir("./690", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 100.655548][ T5717] loop0: detected capacity change from 0 to 4096 [ 100.663811][ T5717] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5718 attached , child_tidptr=0x5555568435d0) = 5718 [pid 5718] chdir("./690") = 0 [pid 5718] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5718] setpgid(0, 0) = 0 [pid 5718] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5718] write(3, "1000", 4) = 4 [pid 5718] close(3) = 0 [pid 5718] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5718] memfd_create("syzkaller", 0) = 3 [pid 5718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5718] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5718] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5718] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5718] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5718] close(3) = 0 [pid 5718] mkdir("./file0", 0777) = 0 [pid 5718] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5718] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5718] chdir("./file0") = 0 [pid 5718] ioctl(4, LOOP_CLR_FD) = 0 [pid 5718] close(4) = 0 [pid 5718] exit_group(0) = ? [pid 5718] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5718, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./690", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./690", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./690/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./690/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./690/binderfs") = 0 umount2("./690/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./690/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./690/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./690/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./690/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./690/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./690") = 0 mkdir("./691", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 100.747370][ T5718] loop0: detected capacity change from 0 to 4096 [ 100.755765][ T5718] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5719 attached , child_tidptr=0x5555568435d0) = 5719 [pid 5719] chdir("./691") = 0 [pid 5719] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5719] setpgid(0, 0) = 0 [pid 5719] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5719] write(3, "1000", 4) = 4 [pid 5719] close(3) = 0 [pid 5719] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5719] memfd_create("syzkaller", 0) = 3 [pid 5719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5719] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5719] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5719] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5719] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5719] close(3) = 0 [pid 5719] mkdir("./file0", 0777) = 0 [pid 5719] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5719] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5719] chdir("./file0") = 0 [pid 5719] ioctl(4, LOOP_CLR_FD) = 0 [pid 5719] close(4) = 0 [pid 5719] exit_group(0) = ? [pid 5719] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5719, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./691", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./691", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./691/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./691/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./691/binderfs") = 0 umount2("./691/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./691/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./691/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./691/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./691/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./691/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./691") = 0 mkdir("./692", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5720 ./strace-static-x86_64: Process 5720 attached [pid 5720] chdir("./692") = 0 [pid 5720] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5720] setpgid(0, 0) = 0 [pid 5720] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5720] write(3, "1000", 4) = 4 [pid 5720] close(3) = 0 [pid 5720] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5720] memfd_create("syzkaller", 0) = 3 [pid 5720] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 100.839068][ T5719] loop0: detected capacity change from 0 to 4096 [ 100.847267][ T5719] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5720] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5720] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5720] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5720] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5720] close(3) = 0 [pid 5720] mkdir("./file0", 0777) = 0 [pid 5720] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5720] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5720] chdir("./file0") = 0 [pid 5720] ioctl(4, LOOP_CLR_FD) = 0 [pid 5720] close(4) = 0 [pid 5720] exit_group(0) = ? [pid 5720] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5720, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./692", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./692", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./692/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./692/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./692/binderfs") = 0 umount2("./692/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./692/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./692/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./692/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./692/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./692/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./692") = 0 mkdir("./693", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 100.920276][ T5720] loop0: detected capacity change from 0 to 4096 [ 100.929815][ T5720] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5721 attached [pid 5721] chdir("./693") = 0 [pid 5721] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5721] setpgid(0, 0) = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5721 [pid 5721] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5721] write(3, "1000", 4) = 4 [pid 5721] close(3) = 0 [pid 5721] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5721] memfd_create("syzkaller", 0) = 3 [pid 5721] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5721] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5721] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5721] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5721] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5721] close(3) = 0 [pid 5721] mkdir("./file0", 0777) = 0 [pid 5721] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5721] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5721] chdir("./file0") = 0 [pid 5721] ioctl(4, LOOP_CLR_FD) = 0 [pid 5721] close(4) = 0 [pid 5721] exit_group(0) = ? [pid 5721] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5721, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./693", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./693", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./693/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./693/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./693/binderfs") = 0 umount2("./693/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./693/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./693/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./693/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./693/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./693/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./693") = 0 mkdir("./694", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5722 attached [pid 5722] chdir("./694") = 0 [pid 5722] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5722] setpgid(0, 0) = 0 [pid 5722] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5722] write(3, "1000", 4) = 4 [pid 5722] close(3) = 0 [pid 5722] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5722 [pid 5722] memfd_create("syzkaller", 0) = 3 [pid 5722] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 101.008430][ T5721] loop0: detected capacity change from 0 to 4096 [ 101.016698][ T5721] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5722] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5722] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5722] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5722] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5722] close(3) = 0 [pid 5722] mkdir("./file0", 0777) = 0 [pid 5722] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5722] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5722] chdir("./file0") = 0 [pid 5722] ioctl(4, LOOP_CLR_FD) = 0 [pid 5722] close(4) = 0 [pid 5722] exit_group(0) = ? [pid 5722] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5722, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./694", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./694", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./694/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./694/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./694/binderfs") = 0 umount2("./694/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./694/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./694/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./694/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./694/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./694/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./694") = 0 mkdir("./695", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 101.091808][ T5722] loop0: detected capacity change from 0 to 4096 [ 101.100125][ T5722] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5723 attached [pid 5723] chdir("./695") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5723 [pid 5723] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5723] setpgid(0, 0) = 0 [pid 5723] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5723] write(3, "1000", 4) = 4 [pid 5723] close(3) = 0 [pid 5723] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5723] memfd_create("syzkaller", 0) = 3 [pid 5723] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5723] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5723] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5723] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5723] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5723] close(3) = 0 [pid 5723] mkdir("./file0", 0777) = 0 [pid 5723] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5723] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5723] chdir("./file0") = 0 [pid 5723] ioctl(4, LOOP_CLR_FD) = 0 [pid 5723] close(4) = 0 [pid 5723] exit_group(0) = ? [pid 5723] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5723, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./695", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./695", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./695/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./695/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./695/binderfs") = 0 umount2("./695/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./695/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./695/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./695/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./695/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./695/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./695") = 0 mkdir("./696", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 101.180236][ T5723] loop0: detected capacity change from 0 to 4096 [ 101.188618][ T5723] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5724 ./strace-static-x86_64: Process 5724 attached [pid 5724] chdir("./696") = 0 [pid 5724] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5724] setpgid(0, 0) = 0 [pid 5724] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5724] write(3, "1000", 4) = 4 [pid 5724] close(3) = 0 [pid 5724] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5724] memfd_create("syzkaller", 0) = 3 [pid 5724] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5724] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5724] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5724] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5724] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5724] close(3) = 0 [pid 5724] mkdir("./file0", 0777) = 0 [pid 5724] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5724] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5724] chdir("./file0") = 0 [pid 5724] ioctl(4, LOOP_CLR_FD) = 0 [pid 5724] close(4) = 0 [pid 5724] exit_group(0) = ? [pid 5724] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5724, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./696", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./696", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./696/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./696/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./696/binderfs") = 0 umount2("./696/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./696/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./696/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./696/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./696/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./696/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./696") = 0 mkdir("./697", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 101.267832][ T5724] loop0: detected capacity change from 0 to 4096 [ 101.276662][ T5724] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5725 attached , child_tidptr=0x5555568435d0) = 5725 [pid 5725] chdir("./697") = 0 [pid 5725] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5725] setpgid(0, 0) = 0 [pid 5725] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5725] write(3, "1000", 4) = 4 [pid 5725] close(3) = 0 [pid 5725] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5725] memfd_create("syzkaller", 0) = 3 [pid 5725] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5725] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5725] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5725] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5725] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5725] close(3) = 0 [pid 5725] mkdir("./file0", 0777) = 0 [pid 5725] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5725] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5725] chdir("./file0") = 0 [pid 5725] ioctl(4, LOOP_CLR_FD) = 0 [pid 5725] close(4) = 0 [pid 5725] exit_group(0) = ? [pid 5725] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5725, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./697", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./697", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./697/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./697/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./697/binderfs") = 0 umount2("./697/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./697/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./697/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./697/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./697/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./697/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./697") = 0 mkdir("./698", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5726 ./strace-static-x86_64: Process 5726 attached [pid 5726] chdir("./698") = 0 [pid 5726] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5726] setpgid(0, 0) = 0 [pid 5726] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5726] write(3, "1000", 4) = 4 [pid 5726] close(3) = 0 [pid 5726] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5726] memfd_create("syzkaller", 0) = 3 [pid 5726] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 101.353717][ T5725] loop0: detected capacity change from 0 to 4096 [ 101.362258][ T5725] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5726] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5726] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5726] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5726] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5726] close(3) = 0 [pid 5726] mkdir("./file0", 0777) = 0 [pid 5726] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5726] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5726] chdir("./file0") = 0 [pid 5726] ioctl(4, LOOP_CLR_FD) = 0 [pid 5726] close(4) = 0 [pid 5726] exit_group(0) = ? [pid 5726] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5726, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./698", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./698", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./698/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./698/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./698/binderfs") = 0 umount2("./698/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./698/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./698/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./698/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./698/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./698/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./698") = 0 mkdir("./699", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5727 attached , child_tidptr=0x5555568435d0) = 5727 [pid 5727] chdir("./699") = 0 [pid 5727] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5727] setpgid(0, 0) = 0 [pid 5727] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5727] write(3, "1000", 4) = 4 [pid 5727] close(3) = 0 [pid 5727] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5727] memfd_create("syzkaller", 0) = 3 [pid 5727] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 101.432783][ T5726] loop0: detected capacity change from 0 to 4096 [ 101.440617][ T5726] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5727] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5727] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5727] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5727] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5727] close(3) = 0 [pid 5727] mkdir("./file0", 0777) = 0 [pid 5727] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5727] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5727] chdir("./file0") = 0 [pid 5727] ioctl(4, LOOP_CLR_FD) = 0 [pid 5727] close(4) = 0 [pid 5727] exit_group(0) = ? [pid 5727] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5727, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./699", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./699", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./699/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./699/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./699/binderfs") = 0 umount2("./699/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./699/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./699/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./699/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./699/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./699/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./699") = 0 mkdir("./700", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5728 attached , child_tidptr=0x5555568435d0) = 5728 [pid 5728] chdir("./700") = 0 [pid 5728] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5728] setpgid(0, 0) = 0 [pid 5728] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5728] write(3, "1000", 4) = 4 [pid 5728] close(3) = 0 [ 101.512809][ T5727] loop0: detected capacity change from 0 to 4096 [ 101.521056][ T5727] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5728] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5728] memfd_create("syzkaller", 0) = 3 [pid 5728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5728] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5728] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5728] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5728] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5728] close(3) = 0 [pid 5728] mkdir("./file0", 0777) = 0 [pid 5728] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5728] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5728] chdir("./file0") = 0 [pid 5728] ioctl(4, LOOP_CLR_FD) = 0 [pid 5728] close(4) = 0 [pid 5728] exit_group(0) = ? [pid 5728] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5728, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./700", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./700", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./700/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./700/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./700/binderfs") = 0 umount2("./700/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./700/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./700/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./700/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./700/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./700/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./700") = 0 mkdir("./701", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 101.592884][ T5728] loop0: detected capacity change from 0 to 4096 [ 101.601372][ T5728] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5729 attached [pid 5729] chdir("./701") = 0 [pid 5729] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5729] setpgid(0, 0) = 0 [pid 5729] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5729] write(3, "1000", 4) = 4 [pid 5729] close(3) = 0 [pid 5729] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5729 [pid 5729] memfd_create("syzkaller", 0) = 3 [pid 5729] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5729] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5729] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5729] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5729] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5729] close(3) = 0 [pid 5729] mkdir("./file0", 0777) = 0 [pid 5729] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5729] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5729] chdir("./file0") = 0 [pid 5729] ioctl(4, LOOP_CLR_FD) = 0 [pid 5729] close(4) = 0 [pid 5729] exit_group(0) = ? [pid 5729] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5729, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./701", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./701", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./701/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./701/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./701/binderfs") = 0 umount2("./701/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./701/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./701/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./701/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./701/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./701/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./701") = 0 mkdir("./702", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5730 ./strace-static-x86_64: Process 5730 attached [pid 5730] chdir("./702") = 0 [pid 5730] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5730] setpgid(0, 0) = 0 [pid 5730] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5730] write(3, "1000", 4) = 4 [pid 5730] close(3) = 0 [pid 5730] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5730] memfd_create("syzkaller", 0) = 3 [pid 5730] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 101.678912][ T5729] loop0: detected capacity change from 0 to 4096 [ 101.686804][ T5729] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5730] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5730] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5730] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5730] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5730] close(3) = 0 [pid 5730] mkdir("./file0", 0777) = 0 [pid 5730] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5730] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5730] chdir("./file0") = 0 [pid 5730] ioctl(4, LOOP_CLR_FD) = 0 [pid 5730] close(4) = 0 [pid 5730] exit_group(0) = ? [pid 5730] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5730, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./702", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./702", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./702/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./702/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./702/binderfs") = 0 umount2("./702/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./702/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./702/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./702/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./702/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./702/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./702") = 0 mkdir("./703", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 101.760087][ T5730] loop0: detected capacity change from 0 to 4096 [ 101.768840][ T5730] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5731 attached [pid 5731] chdir("./703") = 0 [pid 5731] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5731] setpgid(0, 0) = 0 [pid 5731] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5731 [pid 5731] <... openat resumed>) = 3 [pid 5731] write(3, "1000", 4) = 4 [pid 5731] close(3) = 0 [pid 5731] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5731] memfd_create("syzkaller", 0) = 3 [pid 5731] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5731] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5731] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5731] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5731] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5731] close(3) = 0 [pid 5731] mkdir("./file0", 0777) = 0 [pid 5731] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5731] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5731] chdir("./file0") = 0 [pid 5731] ioctl(4, LOOP_CLR_FD) = 0 [pid 5731] close(4) = 0 [pid 5731] exit_group(0) = ? [pid 5731] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5731, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./703", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./703", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./703/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./703/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./703/binderfs") = 0 umount2("./703/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./703/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./703/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./703/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./703/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./703/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./703") = 0 mkdir("./704", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5732 ./strace-static-x86_64: Process 5732 attached [pid 5732] chdir("./704") = 0 [pid 5732] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5732] setpgid(0, 0) = 0 [pid 5732] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 101.845042][ T5731] loop0: detected capacity change from 0 to 4096 [ 101.853012][ T5731] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5732] write(3, "1000", 4) = 4 [pid 5732] close(3) = 0 [pid 5732] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5732] memfd_create("syzkaller", 0) = 3 [pid 5732] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5732] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5732] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5732] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5732] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5732] close(3) = 0 [pid 5732] mkdir("./file0", 0777) = 0 [pid 5732] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5732] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5732] chdir("./file0") = 0 [pid 5732] ioctl(4, LOOP_CLR_FD) = 0 [pid 5732] close(4) = 0 [pid 5732] exit_group(0) = ? [pid 5732] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5732, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./704", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./704", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./704/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./704/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./704/binderfs") = 0 umount2("./704/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./704/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./704/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./704/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./704/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./704/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./704") = 0 mkdir("./705", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 101.929216][ T5732] loop0: detected capacity change from 0 to 4096 [ 101.937491][ T5732] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5733 attached [pid 5733] chdir("./705") = 0 [pid 5733] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5733] setpgid(0, 0) = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5733 [pid 5733] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5733] write(3, "1000", 4) = 4 [pid 5733] close(3) = 0 [pid 5733] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5733] memfd_create("syzkaller", 0) = 3 [pid 5733] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5733] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5733] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5733] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5733] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5733] close(3) = 0 [pid 5733] mkdir("./file0", 0777) = 0 [pid 5733] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5733] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5733] chdir("./file0") = 0 [pid 5733] ioctl(4, LOOP_CLR_FD) = 0 [pid 5733] close(4) = 0 [pid 5733] exit_group(0) = ? [pid 5733] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5733, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./705", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./705", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./705/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./705/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./705/binderfs") = 0 umount2("./705/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./705/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./705/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./705/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./705/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./705/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./705") = 0 mkdir("./706", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 102.017993][ T5733] loop0: detected capacity change from 0 to 4096 [ 102.025960][ T5733] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5734 attached [pid 5734] chdir("./706" [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5734 [pid 5734] <... chdir resumed>) = 0 [pid 5734] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5734] setpgid(0, 0) = 0 [pid 5734] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5734] write(3, "1000", 4) = 4 [pid 5734] close(3) = 0 [pid 5734] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5734] memfd_create("syzkaller", 0) = 3 [pid 5734] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5734] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5734] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5734] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5734] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5734] close(3) = 0 [pid 5734] mkdir("./file0", 0777) = 0 [pid 5734] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5734] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5734] chdir("./file0") = 0 [pid 5734] ioctl(4, LOOP_CLR_FD) = 0 [pid 5734] close(4) = 0 [pid 5734] exit_group(0) = ? [pid 5734] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5734, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./706", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./706", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./706/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./706/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./706/binderfs") = 0 umount2("./706/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./706/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./706/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./706/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./706/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./706/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./706") = 0 mkdir("./707", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 102.104136][ T5734] loop0: detected capacity change from 0 to 4096 [ 102.112514][ T5734] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5735 attached , child_tidptr=0x5555568435d0) = 5735 [pid 5735] chdir("./707") = 0 [pid 5735] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5735] setpgid(0, 0) = 0 [pid 5735] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5735] write(3, "1000", 4) = 4 [pid 5735] close(3) = 0 [pid 5735] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5735] memfd_create("syzkaller", 0) = 3 [pid 5735] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5735] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5735] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5735] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5735] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5735] close(3) = 0 [pid 5735] mkdir("./file0", 0777) = 0 [pid 5735] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5735] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5735] chdir("./file0") = 0 [pid 5735] ioctl(4, LOOP_CLR_FD) = 0 [pid 5735] close(4) = 0 [pid 5735] exit_group(0) = ? [pid 5735] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5735, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./707", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./707", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./707/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./707/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./707/binderfs") = 0 umount2("./707/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./707/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./707/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./707/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./707/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./707/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./707") = 0 [ 102.188539][ T5735] loop0: detected capacity change from 0 to 4096 [ 102.197589][ T5735] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./708", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5736 ./strace-static-x86_64: Process 5736 attached [pid 5736] chdir("./708") = 0 [pid 5736] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5736] setpgid(0, 0) = 0 [pid 5736] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5736] write(3, "1000", 4) = 4 [pid 5736] close(3) = 0 [pid 5736] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5736] memfd_create("syzkaller", 0) = 3 [pid 5736] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5736] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5736] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5736] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5736] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5736] close(3) = 0 [pid 5736] mkdir("./file0", 0777) = 0 [pid 5736] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5736] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5736] chdir("./file0") = 0 [pid 5736] ioctl(4, LOOP_CLR_FD) = 0 [pid 5736] close(4) = 0 [pid 5736] exit_group(0) = ? [pid 5736] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5736, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./708", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./708", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./708/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./708/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./708/binderfs") = 0 umount2("./708/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./708/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./708/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./708/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./708/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./708/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./708") = 0 mkdir("./709", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 102.282970][ T5736] loop0: detected capacity change from 0 to 4096 [ 102.291558][ T5736] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5737 ./strace-static-x86_64: Process 5737 attached [pid 5737] chdir("./709") = 0 [pid 5737] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5737] setpgid(0, 0) = 0 [pid 5737] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5737] write(3, "1000", 4) = 4 [pid 5737] close(3) = 0 [pid 5737] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5737] memfd_create("syzkaller", 0) = 3 [pid 5737] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5737] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5737] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5737] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5737] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5737] close(3) = 0 [pid 5737] mkdir("./file0", 0777) = 0 [pid 5737] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5737] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5737] chdir("./file0") = 0 [pid 5737] ioctl(4, LOOP_CLR_FD) = 0 [pid 5737] close(4) = 0 [pid 5737] exit_group(0) = ? [pid 5737] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5737, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./709", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./709", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./709/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./709/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./709/binderfs") = 0 umount2("./709/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./709/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./709/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./709/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./709/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./709/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./709") = 0 mkdir("./710", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 102.373626][ T5737] loop0: detected capacity change from 0 to 4096 [ 102.382013][ T5737] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5738 ./strace-static-x86_64: Process 5738 attached [pid 5738] chdir("./710") = 0 [pid 5738] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5738] setpgid(0, 0) = 0 [pid 5738] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5738] write(3, "1000", 4) = 4 [pid 5738] close(3) = 0 [pid 5738] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5738] memfd_create("syzkaller", 0) = 3 [pid 5738] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5738] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5738] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5738] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5738] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5738] close(3) = 0 [pid 5738] mkdir("./file0", 0777) = 0 [pid 5738] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5738] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5738] chdir("./file0") = 0 [pid 5738] ioctl(4, LOOP_CLR_FD) = 0 [pid 5738] close(4) = 0 [pid 5738] exit_group(0) = ? [pid 5738] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5738, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./710", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./710", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./710/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./710/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./710/binderfs") = 0 umount2("./710/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./710/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./710/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./710/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./710/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./710/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./710") = 0 mkdir("./711", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5739 ./strace-static-x86_64: Process 5739 attached [pid 5739] chdir("./711") = 0 [pid 5739] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5739] setpgid(0, 0) = 0 [pid 5739] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5739] write(3, "1000", 4) = 4 [ 102.463976][ T5738] loop0: detected capacity change from 0 to 4096 [ 102.472038][ T5738] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5739] close(3) = 0 [pid 5739] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5739] memfd_create("syzkaller", 0) = 3 [pid 5739] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5739] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5739] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5739] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5739] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5739] close(3) = 0 [pid 5739] mkdir("./file0", 0777) = 0 [pid 5739] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5739] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5739] chdir("./file0") = 0 [pid 5739] ioctl(4, LOOP_CLR_FD) = 0 [pid 5739] close(4) = 0 [pid 5739] exit_group(0) = ? [pid 5739] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5739, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./711", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./711", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./711/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./711/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./711/binderfs") = 0 umount2("./711/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./711/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./711/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./711/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./711/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./711/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./711") = 0 mkdir("./712", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5740 ./strace-static-x86_64: Process 5740 attached [pid 5740] chdir("./712") = 0 [pid 5740] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5740] setpgid(0, 0) = 0 [ 102.545967][ T5739] loop0: detected capacity change from 0 to 4096 [ 102.554293][ T5739] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5740] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5740] write(3, "1000", 4) = 4 [pid 5740] close(3) = 0 [pid 5740] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5740] memfd_create("syzkaller", 0) = 3 [pid 5740] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5740] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5740] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5740] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5740] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5740] close(3) = 0 [pid 5740] mkdir("./file0", 0777) = 0 [pid 5740] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5740] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5740] chdir("./file0") = 0 [pid 5740] ioctl(4, LOOP_CLR_FD) = 0 [pid 5740] close(4) = 0 [pid 5740] exit_group(0) = ? [pid 5740] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5740, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./712", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./712", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./712/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./712/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./712/binderfs") = 0 umount2("./712/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./712/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./712/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./712/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./712/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./712/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./712") = 0 mkdir("./713", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 102.635348][ T5740] loop0: detected capacity change from 0 to 4096 [ 102.644231][ T5740] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5741 attached , child_tidptr=0x5555568435d0) = 5741 [pid 5741] chdir("./713") = 0 [pid 5741] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5741] setpgid(0, 0) = 0 [pid 5741] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5741] write(3, "1000", 4) = 4 [pid 5741] close(3) = 0 [pid 5741] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5741] memfd_create("syzkaller", 0) = 3 [pid 5741] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5741] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5741] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5741] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5741] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5741] close(3) = 0 [pid 5741] mkdir("./file0", 0777) = 0 [pid 5741] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5741] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5741] chdir("./file0") = 0 [pid 5741] ioctl(4, LOOP_CLR_FD) = 0 [pid 5741] close(4) = 0 [pid 5741] exit_group(0) = ? [pid 5741] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5741, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./713", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./713", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./713/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./713/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./713/binderfs") = 0 umount2("./713/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./713/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./713/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./713/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./713/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./713/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./713") = 0 mkdir("./714", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5742 ./strace-static-x86_64: Process 5742 attached [pid 5742] chdir("./714") = 0 [ 102.723972][ T5741] loop0: detected capacity change from 0 to 4096 [ 102.732249][ T5741] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5742] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5742] setpgid(0, 0) = 0 [pid 5742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5742] write(3, "1000", 4) = 4 [pid 5742] close(3) = 0 [pid 5742] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5742] memfd_create("syzkaller", 0) = 3 [pid 5742] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5742] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5742] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5742] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5742] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5742] close(3) = 0 [pid 5742] mkdir("./file0", 0777) = 0 [pid 5742] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5742] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5742] chdir("./file0") = 0 [pid 5742] ioctl(4, LOOP_CLR_FD) = 0 [pid 5742] close(4) = 0 [pid 5742] exit_group(0) = ? [pid 5742] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5742, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./714", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./714", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./714/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./714/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./714/binderfs") = 0 umount2("./714/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./714/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./714/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./714/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./714/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./714/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./714") = 0 mkdir("./715", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5743 ./strace-static-x86_64: Process 5743 attached [pid 5743] chdir("./715") = 0 [pid 5743] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 102.811364][ T5742] loop0: detected capacity change from 0 to 4096 [ 102.819638][ T5742] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5743] setpgid(0, 0) = 0 [pid 5743] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5743] write(3, "1000", 4) = 4 [pid 5743] close(3) = 0 [pid 5743] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5743] memfd_create("syzkaller", 0) = 3 [pid 5743] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5743] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5743] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5743] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5743] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5743] close(3) = 0 [pid 5743] mkdir("./file0", 0777) = 0 [pid 5743] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5743] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5743] chdir("./file0") = 0 [pid 5743] ioctl(4, LOOP_CLR_FD) = 0 [pid 5743] close(4) = 0 [pid 5743] exit_group(0) = ? [pid 5743] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5743, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./715", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./715", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./715/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./715/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./715/binderfs") = 0 umount2("./715/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./715/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./715/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./715/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./715/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./715/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./715") = 0 mkdir("./716", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 102.903821][ T5743] loop0: detected capacity change from 0 to 4096 [ 102.912615][ T5743] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5744 ./strace-static-x86_64: Process 5744 attached [pid 5744] chdir("./716") = 0 [pid 5744] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5744] setpgid(0, 0) = 0 [pid 5744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5744] write(3, "1000", 4) = 4 [pid 5744] close(3) = 0 [pid 5744] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5744] memfd_create("syzkaller", 0) = 3 [pid 5744] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5744] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5744] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5744] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5744] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5744] close(3) = 0 [pid 5744] mkdir("./file0", 0777) = 0 [pid 5744] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5744] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5744] chdir("./file0") = 0 [pid 5744] ioctl(4, LOOP_CLR_FD) = 0 [pid 5744] close(4) = 0 [pid 5744] exit_group(0) = ? [pid 5744] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5744, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./716", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./716", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./716/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./716/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./716/binderfs") = 0 umount2("./716/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./716/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./716/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./716/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./716/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./716/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./716") = 0 mkdir("./717", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 102.994293][ T5744] loop0: detected capacity change from 0 to 4096 [ 103.002696][ T5744] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5745 ./strace-static-x86_64: Process 5745 attached [pid 5745] chdir("./717") = 0 [pid 5745] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5745] setpgid(0, 0) = 0 [pid 5745] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5745] write(3, "1000", 4) = 4 [pid 5745] close(3) = 0 [pid 5745] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5745] memfd_create("syzkaller", 0) = 3 [pid 5745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5745] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5745] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5745] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5745] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5745] close(3) = 0 [pid 5745] mkdir("./file0", 0777) = 0 [pid 5745] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5745] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5745] chdir("./file0") = 0 [pid 5745] ioctl(4, LOOP_CLR_FD) = 0 [pid 5745] close(4) = 0 [pid 5745] exit_group(0) = ? [pid 5745] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5745, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./717", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./717", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./717/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./717/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./717/binderfs") = 0 umount2("./717/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./717/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./717/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./717/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./717/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./717/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./717") = 0 mkdir("./718", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5746 ./strace-static-x86_64: Process 5746 attached [pid 5746] chdir("./718") = 0 [pid 5746] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5746] setpgid(0, 0) = 0 [pid 5746] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5746] write(3, "1000", 4) = 4 [pid 5746] close(3) = 0 [pid 5746] symlink("/dev/binderfs", "./binderfs") = 0 [ 103.085113][ T5745] loop0: detected capacity change from 0 to 4096 [ 103.093462][ T5745] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5746] memfd_create("syzkaller", 0) = 3 [pid 5746] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5746] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5746] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5746] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5746] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5746] close(3) = 0 [pid 5746] mkdir("./file0", 0777) = 0 [pid 5746] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5746] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5746] chdir("./file0") = 0 [pid 5746] ioctl(4, LOOP_CLR_FD) = 0 [pid 5746] close(4) = 0 [pid 5746] exit_group(0) = ? [pid 5746] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5746, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./718", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./718", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./718/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./718/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./718/binderfs") = 0 umount2("./718/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./718/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./718/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./718/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./718/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./718/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./718") = 0 mkdir("./719", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5747 ./strace-static-x86_64: Process 5747 attached [pid 5747] chdir("./719") = 0 [pid 5747] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 103.164081][ T5746] loop0: detected capacity change from 0 to 4096 [ 103.172738][ T5746] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5747] setpgid(0, 0) = 0 [pid 5747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5747] write(3, "1000", 4) = 4 [pid 5747] close(3) = 0 [pid 5747] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5747] memfd_create("syzkaller", 0) = 3 [pid 5747] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5747] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5747] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5747] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5747] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5747] close(3) = 0 [pid 5747] mkdir("./file0", 0777) = 0 [pid 5747] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5747] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5747] chdir("./file0") = 0 [pid 5747] ioctl(4, LOOP_CLR_FD) = 0 [pid 5747] close(4) = 0 [pid 5747] exit_group(0) = ? [pid 5747] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5747, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./719", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./719", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./719/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./719/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./719/binderfs") = 0 umount2("./719/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./719/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./719/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./719/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./719/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./719/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./719") = 0 mkdir("./720", 0777) = 0 [ 103.251973][ T5747] loop0: detected capacity change from 0 to 4096 [ 103.260866][ T5747] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5748 ./strace-static-x86_64: Process 5748 attached [pid 5748] chdir("./720") = 0 [pid 5748] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5748] setpgid(0, 0) = 0 [pid 5748] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5748] write(3, "1000", 4) = 4 [pid 5748] close(3) = 0 [pid 5748] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5748] memfd_create("syzkaller", 0) = 3 [pid 5748] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5748] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5748] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5748] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5748] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5748] close(3) = 0 [pid 5748] mkdir("./file0", 0777) = 0 [pid 5748] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5748] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5748] chdir("./file0") = 0 [pid 5748] ioctl(4, LOOP_CLR_FD) = 0 [pid 5748] close(4) = 0 [pid 5748] exit_group(0) = ? [pid 5748] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5748, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./720", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./720", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./720/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./720/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./720/binderfs") = 0 umount2("./720/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./720/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./720/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./720/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./720/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./720/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./720") = 0 mkdir("./721", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 103.343617][ T5748] loop0: detected capacity change from 0 to 4096 [ 103.352281][ T5748] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5749 ./strace-static-x86_64: Process 5749 attached [pid 5749] chdir("./721") = 0 [pid 5749] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5749] setpgid(0, 0) = 0 [pid 5749] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5749] write(3, "1000", 4) = 4 [pid 5749] close(3) = 0 [pid 5749] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5749] memfd_create("syzkaller", 0) = 3 [pid 5749] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5749] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5749] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5749] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5749] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5749] close(3) = 0 [pid 5749] mkdir("./file0", 0777) = 0 [pid 5749] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5749] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5749] chdir("./file0") = 0 [pid 5749] ioctl(4, LOOP_CLR_FD) = 0 [pid 5749] close(4) = 0 [pid 5749] exit_group(0) = ? [pid 5749] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5749, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./721", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./721", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./721/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./721/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./721/binderfs") = 0 umount2("./721/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./721/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./721/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./721/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./721/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./721/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./721") = 0 mkdir("./722", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5750 attached , child_tidptr=0x5555568435d0) = 5750 [pid 5750] chdir("./722") = 0 [pid 5750] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5750] setpgid(0, 0) = 0 [pid 5750] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5750] write(3, "1000", 4) = 4 [pid 5750] close(3) = 0 [pid 5750] symlink("/dev/binderfs", "./binderfs") = 0 [ 103.440361][ T5749] loop0: detected capacity change from 0 to 4096 [ 103.448523][ T5749] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5750] memfd_create("syzkaller", 0) = 3 [pid 5750] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5750] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5750] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5750] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5750] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5750] close(3) = 0 [pid 5750] mkdir("./file0", 0777) = 0 [pid 5750] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5750] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5750] chdir("./file0") = 0 [pid 5750] ioctl(4, LOOP_CLR_FD) = 0 [pid 5750] close(4) = 0 [pid 5750] exit_group(0) = ? [pid 5750] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5750, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./722", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./722", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./722/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./722/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./722/binderfs") = 0 umount2("./722/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./722/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./722/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./722/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./722/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./722/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./722") = 0 mkdir("./723", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 103.524620][ T5750] loop0: detected capacity change from 0 to 4096 [ 103.533020][ T5750] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5751 ./strace-static-x86_64: Process 5751 attached [pid 5751] chdir("./723") = 0 [pid 5751] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5751] setpgid(0, 0) = 0 [pid 5751] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5751] write(3, "1000", 4) = 4 [pid 5751] close(3) = 0 [pid 5751] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5751] memfd_create("syzkaller", 0) = 3 [pid 5751] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5751] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5751] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5751] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5751] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5751] close(3) = 0 [pid 5751] mkdir("./file0", 0777) = 0 [pid 5751] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5751] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5751] chdir("./file0") = 0 [pid 5751] ioctl(4, LOOP_CLR_FD) = 0 [pid 5751] close(4) = 0 [pid 5751] exit_group(0) = ? [pid 5751] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5751, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./723", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./723", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./723/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./723/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./723/binderfs") = 0 umount2("./723/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./723/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./723/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./723/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./723/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./723/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./723") = 0 mkdir("./724", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 103.614332][ T5751] loop0: detected capacity change from 0 to 4096 [ 103.622555][ T5751] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5752 ./strace-static-x86_64: Process 5752 attached [pid 5752] chdir("./724") = 0 [pid 5752] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5752] setpgid(0, 0) = 0 [pid 5752] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5752] write(3, "1000", 4) = 4 [pid 5752] close(3) = 0 [pid 5752] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5752] memfd_create("syzkaller", 0) = 3 [pid 5752] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5752] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5752] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5752] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5752] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5752] close(3) = 0 [pid 5752] mkdir("./file0", 0777) = 0 [pid 5752] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5752] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5752] chdir("./file0") = 0 [pid 5752] ioctl(4, LOOP_CLR_FD) = 0 [pid 5752] close(4) = 0 [pid 5752] exit_group(0) = ? [pid 5752] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5752, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./724", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./724", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./724/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./724/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./724/binderfs") = 0 umount2("./724/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./724/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./724/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./724/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./724/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./724/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./724") = 0 mkdir("./725", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5753 ./strace-static-x86_64: Process 5753 attached [pid 5753] chdir("./725") = 0 [pid 5753] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5753] setpgid(0, 0) = 0 [pid 5753] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5753] write(3, "1000", 4) = 4 [pid 5753] close(3) = 0 [pid 5753] symlink("/dev/binderfs", "./binderfs") = 0 [ 103.705140][ T5752] loop0: detected capacity change from 0 to 4096 [ 103.713791][ T5752] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5753] memfd_create("syzkaller", 0) = 3 [pid 5753] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5753] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5753] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5753] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5753] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5753] close(3) = 0 [pid 5753] mkdir("./file0", 0777) = 0 [pid 5753] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5753] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5753] chdir("./file0") = 0 [pid 5753] ioctl(4, LOOP_CLR_FD) = 0 [pid 5753] close(4) = 0 [pid 5753] exit_group(0) = ? [pid 5753] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5753, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./725", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./725", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./725/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./725/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./725/binderfs") = 0 umount2("./725/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./725/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./725/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./725/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./725/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./725/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./725") = 0 mkdir("./726", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5754 ./strace-static-x86_64: Process 5754 attached [pid 5754] chdir("./726") = 0 [pid 5754] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5754] setpgid(0, 0) = 0 [pid 5754] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5754] write(3, "1000", 4) = 4 [pid 5754] close(3) = 0 [pid 5754] symlink("/dev/binderfs", "./binderfs") = 0 [ 103.789340][ T5753] loop0: detected capacity change from 0 to 4096 [ 103.797409][ T5753] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5754] memfd_create("syzkaller", 0) = 3 [pid 5754] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5754] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5754] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5754] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5754] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5754] close(3) = 0 [pid 5754] mkdir("./file0", 0777) = 0 [pid 5754] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5754] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5754] chdir("./file0") = 0 [pid 5754] ioctl(4, LOOP_CLR_FD) = 0 [pid 5754] close(4) = 0 [pid 5754] exit_group(0) = ? [pid 5754] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5754, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./726", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./726", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./726/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./726/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./726/binderfs") = 0 umount2("./726/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./726/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./726/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./726/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./726/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./726/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./726") = 0 mkdir("./727", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 103.873032][ T5754] loop0: detected capacity change from 0 to 4096 [ 103.881685][ T5754] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5755 ./strace-static-x86_64: Process 5755 attached [pid 5755] chdir("./727") = 0 [pid 5755] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5755] setpgid(0, 0) = 0 [pid 5755] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5755] write(3, "1000", 4) = 4 [pid 5755] close(3) = 0 [pid 5755] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5755] memfd_create("syzkaller", 0) = 3 [pid 5755] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5755] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5755] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5755] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5755] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5755] close(3) = 0 [pid 5755] mkdir("./file0", 0777) = 0 [pid 5755] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5755] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5755] chdir("./file0") = 0 [pid 5755] ioctl(4, LOOP_CLR_FD) = 0 [pid 5755] close(4) = 0 [pid 5755] exit_group(0) = ? [pid 5755] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5755, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./727", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./727", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./727/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./727/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./727/binderfs") = 0 umount2("./727/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./727/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./727/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./727/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./727/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./727/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./727") = 0 mkdir("./728", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5756 attached [pid 5756] chdir("./728") = 0 [pid 5756] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5756] setpgid(0, 0) = 0 [pid 5756] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5756] write(3, "1000", 4) = 4 [pid 5756] close(3) = 0 [pid 5756] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5756 [pid 5756] memfd_create("syzkaller", 0) = 3 [pid 5756] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 103.962057][ T5755] loop0: detected capacity change from 0 to 4096 [ 103.970734][ T5755] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5756] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5756] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5756] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5756] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5756] close(3) = 0 [pid 5756] mkdir("./file0", 0777) = 0 [pid 5756] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5756] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5756] chdir("./file0") = 0 [pid 5756] ioctl(4, LOOP_CLR_FD) = 0 [pid 5756] close(4) = 0 [pid 5756] exit_group(0) = ? [pid 5756] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5756, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./728", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./728", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./728/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./728/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./728/binderfs") = 0 umount2("./728/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./728/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./728/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./728/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./728/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./728/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./728") = 0 mkdir("./729", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5757 attached , child_tidptr=0x5555568435d0) = 5757 [pid 5757] chdir("./729") = 0 [pid 5757] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5757] setpgid(0, 0) = 0 [pid 5757] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5757] write(3, "1000", 4) = 4 [pid 5757] close(3) = 0 [pid 5757] symlink("/dev/binderfs", "./binderfs") = 0 [ 104.039803][ T5756] loop0: detected capacity change from 0 to 4096 [ 104.048193][ T5756] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5757] memfd_create("syzkaller", 0) = 3 [pid 5757] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5757] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5757] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5757] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5757] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5757] close(3) = 0 [pid 5757] mkdir("./file0", 0777) = 0 [pid 5757] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5757] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5757] chdir("./file0") = 0 [pid 5757] ioctl(4, LOOP_CLR_FD) = 0 [pid 5757] close(4) = 0 [pid 5757] exit_group(0) = ? [pid 5757] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5757, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./729", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./729", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./729/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./729/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./729/binderfs") = 0 umount2("./729/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./729/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./729/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./729/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./729/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./729/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./729") = 0 mkdir("./730", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5758 ./strace-static-x86_64: Process 5758 attached [pid 5758] chdir("./730") = 0 [pid 5758] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5758] setpgid(0, 0) = 0 [pid 5758] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5758] write(3, "1000", 4) = 4 [pid 5758] close(3) = 0 [pid 5758] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5758] memfd_create("syzkaller", 0) = 3 [pid 5758] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 104.120216][ T5757] loop0: detected capacity change from 0 to 4096 [ 104.128793][ T5757] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5758] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5758] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5758] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5758] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5758] close(3) = 0 [pid 5758] mkdir("./file0", 0777) = 0 [pid 5758] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5758] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5758] chdir("./file0") = 0 [pid 5758] ioctl(4, LOOP_CLR_FD) = 0 [pid 5758] close(4) = 0 [pid 5758] exit_group(0) = ? [pid 5758] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5758, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./730", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./730", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./730/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./730/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./730/binderfs") = 0 umount2("./730/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./730/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./730/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./730/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./730/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./730/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./730") = 0 mkdir("./731", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5759 attached , child_tidptr=0x5555568435d0) = 5759 [pid 5759] chdir("./731") = 0 [pid 5759] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5759] setpgid(0, 0) = 0 [pid 5759] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5759] write(3, "1000", 4) = 4 [pid 5759] close(3) = 0 [pid 5759] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5759] memfd_create("syzkaller", 0) = 3 [pid 5759] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 104.198518][ T5758] loop0: detected capacity change from 0 to 4096 [ 104.207050][ T5758] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5759] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5759] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5759] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5759] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5759] close(3) = 0 [pid 5759] mkdir("./file0", 0777) = 0 [pid 5759] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5759] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5759] chdir("./file0") = 0 [pid 5759] ioctl(4, LOOP_CLR_FD) = 0 [pid 5759] close(4) = 0 [pid 5759] exit_group(0) = ? [pid 5759] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5759, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./731", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./731", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./731/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./731/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./731/binderfs") = 0 umount2("./731/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./731/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./731/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./731/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./731/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./731/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./731") = 0 mkdir("./732", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5760 ./strace-static-x86_64: Process 5760 attached [pid 5760] chdir("./732") = 0 [pid 5760] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5760] setpgid(0, 0) = 0 [pid 5760] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5760] write(3, "1000", 4) = 4 [pid 5760] close(3) = 0 [pid 5760] symlink("/dev/binderfs", "./binderfs") = 0 [ 104.277792][ T5759] loop0: detected capacity change from 0 to 4096 [ 104.286233][ T5759] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5760] memfd_create("syzkaller", 0) = 3 [pid 5760] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5760] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5760] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5760] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5760] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5760] close(3) = 0 [pid 5760] mkdir("./file0", 0777) = 0 [pid 5760] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5760] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5760] chdir("./file0") = 0 [pid 5760] ioctl(4, LOOP_CLR_FD) = 0 [pid 5760] close(4) = 0 [pid 5760] exit_group(0) = ? [pid 5760] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5760, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./732", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./732", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./732/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./732/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./732/binderfs") = 0 umount2("./732/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./732/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./732/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./732/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./732/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./732/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./732") = 0 mkdir("./733", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5761 ./strace-static-x86_64: Process 5761 attached [pid 5761] chdir("./733") = 0 [pid 5761] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5761] setpgid(0, 0) = 0 [pid 5761] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5761] write(3, "1000", 4) = 4 [pid 5761] close(3) = 0 [ 104.357835][ T5760] loop0: detected capacity change from 0 to 4096 [ 104.365925][ T5760] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5761] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5761] memfd_create("syzkaller", 0) = 3 [pid 5761] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5761] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5761] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5761] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5761] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5761] close(3) = 0 [pid 5761] mkdir("./file0", 0777) = 0 [pid 5761] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5761] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5761] chdir("./file0") = 0 [pid 5761] ioctl(4, LOOP_CLR_FD) = 0 [pid 5761] close(4) = 0 [pid 5761] exit_group(0) = ? [pid 5761] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5761, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./733", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./733", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./733/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./733/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./733/binderfs") = 0 umount2("./733/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./733/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./733/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./733/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./733/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./733/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./733") = 0 mkdir("./734", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 104.440213][ T5761] loop0: detected capacity change from 0 to 4096 [ 104.448512][ T5761] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5762 attached , child_tidptr=0x5555568435d0) = 5762 [pid 5762] chdir("./734") = 0 [pid 5762] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5762] setpgid(0, 0) = 0 [pid 5762] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5762] write(3, "1000", 4) = 4 [pid 5762] close(3) = 0 [pid 5762] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5762] memfd_create("syzkaller", 0) = 3 [pid 5762] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5762] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5762] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5762] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5762] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5762] close(3) = 0 [pid 5762] mkdir("./file0", 0777) = 0 [pid 5762] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5762] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5762] chdir("./file0") = 0 [pid 5762] ioctl(4, LOOP_CLR_FD) = 0 [pid 5762] close(4) = 0 [pid 5762] exit_group(0) = ? [pid 5762] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5762, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./734", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./734", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./734/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./734/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./734/binderfs") = 0 umount2("./734/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./734/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./734/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./734/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./734/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./734/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./734") = 0 mkdir("./735", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5763 ./strace-static-x86_64: Process 5763 attached [pid 5763] chdir("./735") = 0 [pid 5763] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5763] setpgid(0, 0) = 0 [pid 5763] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5763] write(3, "1000", 4) = 4 [pid 5763] close(3) = 0 [pid 5763] symlink("/dev/binderfs", "./binderfs") = 0 [ 104.527297][ T5762] loop0: detected capacity change from 0 to 4096 [ 104.535605][ T5762] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5763] memfd_create("syzkaller", 0) = 3 [pid 5763] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5763] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5763] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5763] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5763] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5763] close(3) = 0 [pid 5763] mkdir("./file0", 0777) = 0 [pid 5763] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5763] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5763] chdir("./file0") = 0 [pid 5763] ioctl(4, LOOP_CLR_FD) = 0 [pid 5763] close(4) = 0 [pid 5763] exit_group(0) = ? [pid 5763] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5763, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./735", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./735", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./735/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./735/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./735/binderfs") = 0 umount2("./735/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./735/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./735/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./735/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./735/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./735/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./735") = 0 mkdir("./736", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5764 ./strace-static-x86_64: Process 5764 attached [pid 5764] chdir("./736") = 0 [pid 5764] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5764] setpgid(0, 0) = 0 [pid 5764] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5764] write(3, "1000", 4) = 4 [pid 5764] close(3) = 0 [pid 5764] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5764] memfd_create("syzkaller", 0) = 3 [pid 5764] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 104.611115][ T5763] loop0: detected capacity change from 0 to 4096 [ 104.619671][ T5763] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5764] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5764] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5764] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5764] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5764] close(3) = 0 [pid 5764] mkdir("./file0", 0777) = 0 [pid 5764] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5764] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5764] chdir("./file0") = 0 [pid 5764] ioctl(4, LOOP_CLR_FD) = 0 [pid 5764] close(4) = 0 [pid 5764] exit_group(0) = ? [pid 5764] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5764, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./736", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./736", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./736/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./736/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./736/binderfs") = 0 umount2("./736/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./736/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./736/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./736/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./736/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./736/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./736") = 0 mkdir("./737", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 104.692909][ T5764] loop0: detected capacity change from 0 to 4096 [ 104.701401][ T5764] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5765 attached , child_tidptr=0x5555568435d0) = 5765 [pid 5765] chdir("./737") = 0 [pid 5765] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5765] setpgid(0, 0) = 0 [pid 5765] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5765] write(3, "1000", 4) = 4 [pid 5765] close(3) = 0 [pid 5765] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5765] memfd_create("syzkaller", 0) = 3 [pid 5765] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5765] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5765] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5765] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5765] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5765] close(3) = 0 [pid 5765] mkdir("./file0", 0777) = 0 [pid 5765] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5765] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5765] chdir("./file0") = 0 [pid 5765] ioctl(4, LOOP_CLR_FD) = 0 [pid 5765] close(4) = 0 [pid 5765] exit_group(0) = ? [pid 5765] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5765, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./737", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./737", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./737/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./737/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./737/binderfs") = 0 umount2("./737/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./737/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./737/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./737/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./737/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./737/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./737") = 0 mkdir("./738", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5766 ./strace-static-x86_64: Process 5766 attached [pid 5766] chdir("./738") = 0 [pid 5766] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5766] setpgid(0, 0) = 0 [pid 5766] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5766] write(3, "1000", 4) = 4 [pid 5766] close(3) = 0 [pid 5766] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5766] memfd_create("syzkaller", 0) = 3 [pid 5766] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 104.781516][ T5765] loop0: detected capacity change from 0 to 4096 [ 104.789441][ T5765] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5766] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5766] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5766] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5766] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5766] close(3) = 0 [pid 5766] mkdir("./file0", 0777) = 0 [pid 5766] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5766] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5766] chdir("./file0") = 0 [pid 5766] ioctl(4, LOOP_CLR_FD) = 0 [pid 5766] close(4) = 0 [pid 5766] exit_group(0) = ? [pid 5766] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5766, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./738", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./738", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./738/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./738/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./738/binderfs") = 0 umount2("./738/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./738/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./738/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./738/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./738/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./738/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./738") = 0 mkdir("./739", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5767 attached , child_tidptr=0x5555568435d0) = 5767 [pid 5767] chdir("./739") = 0 [pid 5767] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5767] setpgid(0, 0) = 0 [pid 5767] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5767] write(3, "1000", 4) = 4 [pid 5767] close(3) = 0 [pid 5767] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5767] memfd_create("syzkaller", 0) = 3 [ 104.854250][ T5766] loop0: detected capacity change from 0 to 4096 [ 104.862270][ T5766] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5767] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5767] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5767] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5767] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5767] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5767] close(3) = 0 [pid 5767] mkdir("./file0", 0777) = 0 [pid 5767] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5767] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5767] chdir("./file0") = 0 [pid 5767] ioctl(4, LOOP_CLR_FD) = 0 [pid 5767] close(4) = 0 [pid 5767] exit_group(0) = ? [pid 5767] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5767, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./739", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./739", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./739/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./739/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./739/binderfs") = 0 umount2("./739/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./739/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./739/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./739/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./739/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./739/file0") = 0 [ 104.933474][ T5767] loop0: detected capacity change from 0 to 4096 [ 104.941613][ T5767] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./739") = 0 mkdir("./740", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5768 ./strace-static-x86_64: Process 5768 attached [pid 5768] chdir("./740") = 0 [pid 5768] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5768] setpgid(0, 0) = 0 [pid 5768] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5768] write(3, "1000", 4) = 4 [pid 5768] close(3) = 0 [pid 5768] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5768] memfd_create("syzkaller", 0) = 3 [pid 5768] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5768] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5768] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5768] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5768] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5768] close(3) = 0 [pid 5768] mkdir("./file0", 0777) = 0 [pid 5768] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5768] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5768] chdir("./file0") = 0 [pid 5768] ioctl(4, LOOP_CLR_FD) = 0 [pid 5768] close(4) = 0 [pid 5768] exit_group(0) = ? [pid 5768] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5768, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./740", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./740", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./740/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./740/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./740/binderfs") = 0 umount2("./740/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./740/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./740/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./740/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./740/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./740/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./740") = 0 mkdir("./741", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 105.023504][ T5768] loop0: detected capacity change from 0 to 4096 [ 105.031513][ T5768] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5769 ./strace-static-x86_64: Process 5769 attached [pid 5769] chdir("./741") = 0 [pid 5769] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5769] setpgid(0, 0) = 0 [pid 5769] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5769] write(3, "1000", 4) = 4 [pid 5769] close(3) = 0 [pid 5769] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5769] memfd_create("syzkaller", 0) = 3 [pid 5769] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5769] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5769] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5769] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5769] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5769] close(3) = 0 [pid 5769] mkdir("./file0", 0777) = 0 [pid 5769] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5769] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5769] chdir("./file0") = 0 [pid 5769] ioctl(4, LOOP_CLR_FD) = 0 [pid 5769] close(4) = 0 [pid 5769] exit_group(0) = ? [pid 5769] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5769, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./741", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./741", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./741/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./741/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./741/binderfs") = 0 umount2("./741/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./741/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./741/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./741/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./741/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./741/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./741") = 0 mkdir("./742", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5770 ./strace-static-x86_64: Process 5770 attached [pid 5770] chdir("./742") = 0 [pid 5770] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5770] setpgid(0, 0) = 0 [pid 5770] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5770] write(3, "1000", 4) = 4 [ 105.106488][ T5769] loop0: detected capacity change from 0 to 4096 [ 105.114516][ T5769] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5770] close(3) = 0 [pid 5770] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5770] memfd_create("syzkaller", 0) = 3 [pid 5770] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5770] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5770] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5770] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5770] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5770] close(3) = 0 [pid 5770] mkdir("./file0", 0777) = 0 [pid 5770] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5770] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5770] chdir("./file0") = 0 [pid 5770] ioctl(4, LOOP_CLR_FD) = 0 [pid 5770] close(4) = 0 [pid 5770] exit_group(0) = ? [pid 5770] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5770, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./742", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./742", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./742/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./742/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./742/binderfs") = 0 umount2("./742/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./742/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./742/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./742/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./742/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./742/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./742") = 0 mkdir("./743", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 105.194902][ T5770] loop0: detected capacity change from 0 to 4096 [ 105.203236][ T5770] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5771 ./strace-static-x86_64: Process 5771 attached [pid 5771] chdir("./743") = 0 [pid 5771] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5771] setpgid(0, 0) = 0 [pid 5771] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5771] write(3, "1000", 4) = 4 [pid 5771] close(3) = 0 [pid 5771] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5771] memfd_create("syzkaller", 0) = 3 [pid 5771] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5771] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5771] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5771] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5771] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5771] close(3) = 0 [pid 5771] mkdir("./file0", 0777) = 0 [pid 5771] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5771] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5771] chdir("./file0") = 0 [pid 5771] ioctl(4, LOOP_CLR_FD) = 0 [pid 5771] close(4) = 0 [pid 5771] exit_group(0) = ? [pid 5771] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5771, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./743", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./743", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./743/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./743/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./743/binderfs") = 0 umount2("./743/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./743/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./743/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./743/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./743/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./743/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./743") = 0 mkdir("./744", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 105.282331][ T5771] loop0: detected capacity change from 0 to 4096 [ 105.290798][ T5771] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5772 attached [pid 5772] chdir("./744") = 0 [pid 5772] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5772] setpgid(0, 0) = 0 [pid 5772] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5772] write(3, "1000", 4) = 4 [pid 5772] close(3) = 0 [pid 5772] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5772 [pid 5772] memfd_create("syzkaller", 0) = 3 [pid 5772] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5772] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5772] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5772] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5772] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5772] close(3) = 0 [pid 5772] mkdir("./file0", 0777) = 0 [pid 5772] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5772] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5772] chdir("./file0") = 0 [pid 5772] ioctl(4, LOOP_CLR_FD) = 0 [pid 5772] close(4) = 0 [pid 5772] exit_group(0) = ? [pid 5772] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5772, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./744", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./744", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./744/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./744/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./744/binderfs") = 0 umount2("./744/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./744/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./744/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./744/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./744/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./744/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./744") = 0 mkdir("./745", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5773 ./strace-static-x86_64: Process 5773 attached [pid 5773] chdir("./745") = 0 [pid 5773] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5773] setpgid(0, 0) = 0 [ 105.369053][ T5772] loop0: detected capacity change from 0 to 4096 [ 105.377319][ T5772] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5773] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5773] write(3, "1000", 4) = 4 [pid 5773] close(3) = 0 [pid 5773] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5773] memfd_create("syzkaller", 0) = 3 [pid 5773] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5773] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5773] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5773] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5773] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5773] close(3) = 0 [pid 5773] mkdir("./file0", 0777) = 0 [pid 5773] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5773] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5773] chdir("./file0") = 0 [pid 5773] ioctl(4, LOOP_CLR_FD) = 0 [pid 5773] close(4) = 0 [pid 5773] exit_group(0) = ? [pid 5773] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5773, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./745", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./745", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./745/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./745/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./745/binderfs") = 0 umount2("./745/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./745/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./745/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./745/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./745/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./745/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./745") = 0 mkdir("./746", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5774 attached , child_tidptr=0x5555568435d0) = 5774 [pid 5774] chdir("./746") = 0 [pid 5774] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5774] setpgid(0, 0) = 0 [pid 5774] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5774] write(3, "1000", 4) = 4 [pid 5774] close(3) = 0 [pid 5774] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5774] memfd_create("syzkaller", 0) = 3 [pid 5774] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 105.454986][ T5773] loop0: detected capacity change from 0 to 4096 [ 105.463970][ T5773] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5774] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5774] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5774] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5774] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5774] close(3) = 0 [pid 5774] mkdir("./file0", 0777) = 0 [pid 5774] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5774] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5774] chdir("./file0") = 0 [pid 5774] ioctl(4, LOOP_CLR_FD) = 0 [pid 5774] close(4) = 0 [pid 5774] exit_group(0) = ? [pid 5774] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5774, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./746", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./746", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./746/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./746/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./746/binderfs") = 0 umount2("./746/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./746/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./746/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./746/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./746/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./746/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./746") = 0 mkdir("./747", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5775 ./strace-static-x86_64: Process 5775 attached [pid 5775] chdir("./747") = 0 [pid 5775] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5775] setpgid(0, 0) = 0 [pid 5775] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5775] write(3, "1000", 4) = 4 [pid 5775] close(3) = 0 [pid 5775] symlink("/dev/binderfs", "./binderfs") = 0 [ 105.538101][ T5774] loop0: detected capacity change from 0 to 4096 [ 105.546402][ T5774] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5775] memfd_create("syzkaller", 0) = 3 [pid 5775] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5775] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5775] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5775] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5775] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5775] close(3) = 0 [pid 5775] mkdir("./file0", 0777) = 0 [pid 5775] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5775] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5775] chdir("./file0") = 0 [pid 5775] ioctl(4, LOOP_CLR_FD) = 0 [pid 5775] close(4) = 0 [pid 5775] exit_group(0) = ? [pid 5775] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5775, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./747", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./747", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./747/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./747/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./747/binderfs") = 0 umount2("./747/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./747/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./747/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./747/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./747/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./747/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./747") = 0 mkdir("./748", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5776 ./strace-static-x86_64: Process 5776 attached [pid 5776] chdir("./748") = 0 [pid 5776] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5776] setpgid(0, 0) = 0 [ 105.623653][ T5775] loop0: detected capacity change from 0 to 4096 [ 105.632147][ T5775] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5776] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5776] write(3, "1000", 4) = 4 [pid 5776] close(3) = 0 [pid 5776] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5776] memfd_create("syzkaller", 0) = 3 [pid 5776] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5776] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5776] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5776] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5776] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5776] close(3) = 0 [pid 5776] mkdir("./file0", 0777) = 0 [pid 5776] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5776] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5776] chdir("./file0") = 0 [pid 5776] ioctl(4, LOOP_CLR_FD) = 0 [pid 5776] close(4) = 0 [pid 5776] exit_group(0) = ? [pid 5776] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5776, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./748", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./748", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./748/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./748/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./748/binderfs") = 0 umount2("./748/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./748/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./748/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./748/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./748/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./748/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./748") = 0 mkdir("./749", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5777 ./strace-static-x86_64: Process 5777 attached [ 105.711861][ T5776] loop0: detected capacity change from 0 to 4096 [ 105.720821][ T5776] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5777] chdir("./749") = 0 [pid 5777] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5777] setpgid(0, 0) = 0 [pid 5777] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5777] write(3, "1000", 4) = 4 [pid 5777] close(3) = 0 [pid 5777] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5777] memfd_create("syzkaller", 0) = 3 [pid 5777] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5777] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5777] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5777] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5777] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5777] close(3) = 0 [pid 5777] mkdir("./file0", 0777) = 0 [pid 5777] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5777] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5777] chdir("./file0") = 0 [pid 5777] ioctl(4, LOOP_CLR_FD) = 0 [pid 5777] close(4) = 0 [pid 5777] exit_group(0) = ? [pid 5777] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5777, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./749", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./749", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./749/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./749/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./749/binderfs") = 0 umount2("./749/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./749/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./749/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./749/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./749/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./749/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./749") = 0 mkdir("./750", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5778 attached , child_tidptr=0x5555568435d0) = 5778 [pid 5778] chdir("./750") = 0 [pid 5778] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5778] setpgid(0, 0) = 0 [pid 5778] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5778] write(3, "1000", 4) = 4 [pid 5778] close(3) = 0 [pid 5778] symlink("/dev/binderfs", "./binderfs") = 0 [ 105.807222][ T5777] loop0: detected capacity change from 0 to 4096 [ 105.815636][ T5777] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5778] memfd_create("syzkaller", 0) = 3 [pid 5778] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5778] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5778] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5778] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5778] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5778] close(3) = 0 [pid 5778] mkdir("./file0", 0777) = 0 [pid 5778] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5778] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5778] chdir("./file0") = 0 [pid 5778] ioctl(4, LOOP_CLR_FD) = 0 [pid 5778] close(4) = 0 [pid 5778] exit_group(0) = ? [pid 5778] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5778, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./750", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./750", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./750/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./750/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./750/binderfs") = 0 umount2("./750/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./750/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./750/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./750/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./750/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./750/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./750") = 0 mkdir("./751", 0777) = 0 [ 105.889702][ T5778] loop0: detected capacity change from 0 to 4096 [ 105.898637][ T5778] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5779 attached [pid 5779] chdir("./751") = 0 [pid 5779] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5779] setpgid(0, 0) = 0 [pid 5779] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5779 [pid 5779] <... openat resumed>) = 3 [pid 5779] write(3, "1000", 4) = 4 [pid 5779] close(3) = 0 [pid 5779] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5779] memfd_create("syzkaller", 0) = 3 [pid 5779] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5779] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5779] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5779] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5779] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5779] close(3) = 0 [pid 5779] mkdir("./file0", 0777) = 0 [pid 5779] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5779] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5779] chdir("./file0") = 0 [pid 5779] ioctl(4, LOOP_CLR_FD) = 0 [pid 5779] close(4) = 0 [pid 5779] exit_group(0) = ? [pid 5779] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5779, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./751", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./751", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./751/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./751/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./751/binderfs") = 0 umount2("./751/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./751/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./751/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./751/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./751/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./751/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./751") = 0 mkdir("./752", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 105.974097][ T5779] loop0: detected capacity change from 0 to 4096 [ 105.982814][ T5779] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5780 ./strace-static-x86_64: Process 5780 attached [pid 5780] chdir("./752") = 0 [pid 5780] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5780] setpgid(0, 0) = 0 [pid 5780] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5780] write(3, "1000", 4) = 4 [pid 5780] close(3) = 0 [pid 5780] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5780] memfd_create("syzkaller", 0) = 3 [pid 5780] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5780] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5780] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5780] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5780] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5780] close(3) = 0 [pid 5780] mkdir("./file0", 0777) = 0 [pid 5780] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5780] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5780] chdir("./file0") = 0 [pid 5780] ioctl(4, LOOP_CLR_FD) = 0 [pid 5780] close(4) = 0 [pid 5780] exit_group(0) = ? [pid 5780] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5780, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./752", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./752", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./752/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./752/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./752/binderfs") = 0 umount2("./752/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./752/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./752/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./752/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./752/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./752/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./752") = 0 mkdir("./753", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5781 ./strace-static-x86_64: Process 5781 attached [pid 5781] chdir("./753") = 0 [pid 5781] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 106.064263][ T5780] loop0: detected capacity change from 0 to 4096 [ 106.072449][ T5780] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5781] setpgid(0, 0) = 0 [pid 5781] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5781] write(3, "1000", 4) = 4 [pid 5781] close(3) = 0 [pid 5781] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5781] memfd_create("syzkaller", 0) = 3 [pid 5781] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5781] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5781] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5781] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5781] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5781] close(3) = 0 [pid 5781] mkdir("./file0", 0777) = 0 [pid 5781] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5781] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5781] chdir("./file0") = 0 [pid 5781] ioctl(4, LOOP_CLR_FD) = 0 [pid 5781] close(4) = 0 [pid 5781] exit_group(0) = ? [pid 5781] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5781, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./753", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./753", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./753/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./753/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./753/binderfs") = 0 umount2("./753/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./753/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./753/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./753/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./753/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./753/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./753") = 0 mkdir("./754", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5782 ./strace-static-x86_64: Process 5782 attached [pid 5782] chdir("./754") = 0 [pid 5782] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5782] setpgid(0, 0) = 0 [pid 5782] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5782] write(3, "1000", 4) = 4 [pid 5782] close(3) = 0 [ 106.149588][ T5781] loop0: detected capacity change from 0 to 4096 [ 106.158794][ T5781] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5782] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5782] memfd_create("syzkaller", 0) = 3 [pid 5782] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5782] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5782] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5782] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5782] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5782] close(3) = 0 [pid 5782] mkdir("./file0", 0777) = 0 [pid 5782] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5782] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5782] chdir("./file0") = 0 [pid 5782] ioctl(4, LOOP_CLR_FD) = 0 [pid 5782] close(4) = 0 [pid 5782] exit_group(0) = ? [pid 5782] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5782, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./754", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./754", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./754/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./754/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./754/binderfs") = 0 umount2("./754/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./754/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./754/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./754/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./754/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./754/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./754") = 0 mkdir("./755", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 106.233735][ T5782] loop0: detected capacity change from 0 to 4096 [ 106.242299][ T5782] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5783 attached , child_tidptr=0x5555568435d0) = 5783 [pid 5783] chdir("./755") = 0 [pid 5783] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5783] setpgid(0, 0) = 0 [pid 5783] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5783] write(3, "1000", 4) = 4 [pid 5783] close(3) = 0 [pid 5783] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5783] memfd_create("syzkaller", 0) = 3 [pid 5783] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5783] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5783] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5783] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5783] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5783] close(3) = 0 [pid 5783] mkdir("./file0", 0777) = 0 [pid 5783] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5783] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5783] chdir("./file0") = 0 [pid 5783] ioctl(4, LOOP_CLR_FD) = 0 [pid 5783] close(4) = 0 [pid 5783] exit_group(0) = ? [pid 5783] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5783, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./755", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./755", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./755/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./755/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./755/binderfs") = 0 umount2("./755/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./755/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./755/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./755/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./755/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./755/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./755") = 0 mkdir("./756", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5784 attached , child_tidptr=0x5555568435d0) = 5784 [pid 5784] chdir("./756") = 0 [pid 5784] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5784] setpgid(0, 0) = 0 [pid 5784] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5784] write(3, "1000", 4) = 4 [pid 5784] close(3) = 0 [pid 5784] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5784] memfd_create("syzkaller", 0) = 3 [pid 5784] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 106.325071][ T5783] loop0: detected capacity change from 0 to 4096 [ 106.333896][ T5783] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5784] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5784] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5784] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5784] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5784] close(3) = 0 [pid 5784] mkdir("./file0", 0777) = 0 [pid 5784] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5784] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5784] chdir("./file0") = 0 [pid 5784] ioctl(4, LOOP_CLR_FD) = 0 [pid 5784] close(4) = 0 [pid 5784] exit_group(0) = ? [pid 5784] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5784, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./756", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./756", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./756/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./756/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./756/binderfs") = 0 umount2("./756/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./756/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./756/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./756/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./756/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./756/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./756") = 0 mkdir("./757", 0777) = 0 [ 106.402163][ T5784] loop0: detected capacity change from 0 to 4096 [ 106.410707][ T5784] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5785 ./strace-static-x86_64: Process 5785 attached [pid 5785] chdir("./757") = 0 [pid 5785] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5785] setpgid(0, 0) = 0 [pid 5785] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5785] write(3, "1000", 4) = 4 [pid 5785] close(3) = 0 [pid 5785] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5785] memfd_create("syzkaller", 0) = 3 [pid 5785] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5785] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5785] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5785] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5785] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5785] close(3) = 0 [pid 5785] mkdir("./file0", 0777) = 0 [pid 5785] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5785] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5785] chdir("./file0") = 0 [pid 5785] ioctl(4, LOOP_CLR_FD) = 0 [pid 5785] close(4) = 0 [pid 5785] exit_group(0) = ? [pid 5785] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5785, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./757", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./757", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./757/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./757/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./757/binderfs") = 0 umount2("./757/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./757/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./757/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./757/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./757/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./757/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./757") = 0 mkdir("./758", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5786 ./strace-static-x86_64: Process 5786 attached [pid 5786] chdir("./758") = 0 [pid 5786] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5786] setpgid(0, 0) = 0 [pid 5786] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5786] write(3, "1000", 4) = 4 [pid 5786] close(3) = 0 [pid 5786] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5786] memfd_create("syzkaller", 0) = 3 [pid 5786] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 106.493478][ T5785] loop0: detected capacity change from 0 to 4096 [ 106.501703][ T5785] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5786] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5786] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5786] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5786] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5786] close(3) = 0 [pid 5786] mkdir("./file0", 0777) = 0 [pid 5786] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5786] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5786] chdir("./file0") = 0 [pid 5786] ioctl(4, LOOP_CLR_FD) = 0 [pid 5786] close(4) = 0 [pid 5786] exit_group(0) = ? [pid 5786] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5786, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./758", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./758", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./758/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./758/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./758/binderfs") = 0 umount2("./758/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./758/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./758/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./758/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./758/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./758/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./758") = 0 mkdir("./759", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5787 ./strace-static-x86_64: Process 5787 attached [pid 5787] chdir("./759") = 0 [ 106.570944][ T5786] loop0: detected capacity change from 0 to 4096 [ 106.579552][ T5786] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5787] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5787] setpgid(0, 0) = 0 [pid 5787] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5787] write(3, "1000", 4) = 4 [pid 5787] close(3) = 0 [pid 5787] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5787] memfd_create("syzkaller", 0) = 3 [pid 5787] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5787] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5787] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5787] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5787] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5787] close(3) = 0 [pid 5787] mkdir("./file0", 0777) = 0 [pid 5787] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5787] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5787] chdir("./file0") = 0 [pid 5787] ioctl(4, LOOP_CLR_FD) = 0 [pid 5787] close(4) = 0 [pid 5787] exit_group(0) = ? [pid 5787] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5787, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./759", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./759", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./759/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./759/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./759/binderfs") = 0 umount2("./759/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./759/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./759/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./759/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./759/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./759/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./759") = 0 mkdir("./760", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5788 ./strace-static-x86_64: Process 5788 attached [pid 5788] chdir("./760") = 0 [pid 5788] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5788] setpgid(0, 0) = 0 [pid 5788] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 106.656464][ T5787] loop0: detected capacity change from 0 to 4096 [ 106.664834][ T5787] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5788] write(3, "1000", 4) = 4 [pid 5788] close(3) = 0 [pid 5788] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5788] memfd_create("syzkaller", 0) = 3 [pid 5788] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5788] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5788] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5788] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5788] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5788] close(3) = 0 [pid 5788] mkdir("./file0", 0777) = 0 [pid 5788] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5788] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5788] chdir("./file0") = 0 [pid 5788] ioctl(4, LOOP_CLR_FD) = 0 [pid 5788] close(4) = 0 [pid 5788] exit_group(0) = ? [pid 5788] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5788, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./760", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./760", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./760/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./760/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./760/binderfs") = 0 umount2("./760/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./760/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./760/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./760/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./760/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./760/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./760") = 0 mkdir("./761", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5789 ./strace-static-x86_64: Process 5789 attached [pid 5789] chdir("./761") = 0 [pid 5789] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5789] setpgid(0, 0) = 0 [ 106.740432][ T5788] loop0: detected capacity change from 0 to 4096 [ 106.749009][ T5788] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5789] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5789] write(3, "1000", 4) = 4 [pid 5789] close(3) = 0 [pid 5789] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5789] memfd_create("syzkaller", 0) = 3 [pid 5789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5789] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5789] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5789] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5789] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5789] close(3) = 0 [pid 5789] mkdir("./file0", 0777) = 0 [pid 5789] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5789] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5789] chdir("./file0") = 0 [pid 5789] ioctl(4, LOOP_CLR_FD) = 0 [pid 5789] close(4) = 0 [pid 5789] exit_group(0) = ? [pid 5789] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5789, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./761", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./761", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./761/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./761/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./761/binderfs") = 0 umount2("./761/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./761/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./761/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./761/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./761/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./761/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./761") = 0 mkdir("./762", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 106.824270][ T5789] loop0: detected capacity change from 0 to 4096 [ 106.832740][ T5789] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5790 attached , child_tidptr=0x5555568435d0) = 5790 [pid 5790] chdir("./762") = 0 [pid 5790] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5790] setpgid(0, 0) = 0 [pid 5790] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5790] write(3, "1000", 4) = 4 [pid 5790] close(3) = 0 [pid 5790] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5790] memfd_create("syzkaller", 0) = 3 [pid 5790] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5790] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5790] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5790] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5790] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5790] close(3) = 0 [pid 5790] mkdir("./file0", 0777) = 0 [pid 5790] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5790] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5790] chdir("./file0") = 0 [pid 5790] ioctl(4, LOOP_CLR_FD) = 0 [pid 5790] close(4) = 0 [pid 5790] exit_group(0) = ? [pid 5790] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5790, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./762", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./762", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./762/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./762/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./762/binderfs") = 0 umount2("./762/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./762/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./762/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./762/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./762/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./762/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./762") = 0 mkdir("./763", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5791 ./strace-static-x86_64: Process 5791 attached [pid 5791] chdir("./763") = 0 [pid 5791] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5791] setpgid(0, 0) = 0 [pid 5791] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5791] write(3, "1000", 4) = 4 [pid 5791] close(3) = 0 [pid 5791] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5791] memfd_create("syzkaller", 0) = 3 [ 106.909744][ T5790] loop0: detected capacity change from 0 to 4096 [ 106.917847][ T5790] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5791] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5791] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5791] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5791] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5791] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5791] close(3) = 0 [pid 5791] mkdir("./file0", 0777) = 0 [pid 5791] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5791] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5791] chdir("./file0") = 0 [pid 5791] ioctl(4, LOOP_CLR_FD) = 0 [pid 5791] close(4) = 0 [pid 5791] exit_group(0) = ? [pid 5791] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5791, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./763", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./763", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./763/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./763/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./763/binderfs") = 0 umount2("./763/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./763/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./763/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./763/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./763/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./763/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./763") = 0 mkdir("./764", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 106.988869][ T5791] loop0: detected capacity change from 0 to 4096 [ 106.997469][ T5791] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5792 attached , child_tidptr=0x5555568435d0) = 5792 [pid 5792] chdir("./764") = 0 [pid 5792] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5792] setpgid(0, 0) = 0 [pid 5792] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5792] write(3, "1000", 4) = 4 [pid 5792] close(3) = 0 [pid 5792] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5792] memfd_create("syzkaller", 0) = 3 [pid 5792] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5792] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5792] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5792] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5792] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5792] close(3) = 0 [pid 5792] mkdir("./file0", 0777) = 0 [pid 5792] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5792] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5792] chdir("./file0") = 0 [pid 5792] ioctl(4, LOOP_CLR_FD) = 0 [pid 5792] close(4) = 0 [pid 5792] exit_group(0) = ? [pid 5792] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5792, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./764", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./764", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./764/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./764/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./764/binderfs") = 0 umount2("./764/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./764/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./764/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./764/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./764/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./764/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./764") = 0 mkdir("./765", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5793 ./strace-static-x86_64: Process 5793 attached [pid 5793] chdir("./765") = 0 [pid 5793] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5793] setpgid(0, 0) = 0 [ 107.079597][ T5792] loop0: detected capacity change from 0 to 4096 [ 107.088593][ T5792] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5793] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5793] write(3, "1000", 4) = 4 [pid 5793] close(3) = 0 [pid 5793] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5793] memfd_create("syzkaller", 0) = 3 [pid 5793] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5793] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5793] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5793] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5793] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5793] close(3) = 0 [pid 5793] mkdir("./file0", 0777) = 0 [pid 5793] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5793] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5793] chdir("./file0") = 0 [pid 5793] ioctl(4, LOOP_CLR_FD) = 0 [pid 5793] close(4) = 0 [pid 5793] exit_group(0) = ? [pid 5793] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5793, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- umount2("./765", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./765", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./765/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./765/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./765/binderfs") = 0 umount2("./765/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./765/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./765/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./765/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./765/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./765/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./765") = 0 mkdir("./766", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5794 attached , child_tidptr=0x5555568435d0) = 5794 [pid 5794] chdir("./766") = 0 [pid 5794] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5794] setpgid(0, 0) = 0 [pid 5794] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5794] write(3, "1000", 4) = 4 [pid 5794] close(3) = 0 [pid 5794] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5794] memfd_create("syzkaller", 0) = 3 [pid 5794] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 107.166057][ T5793] loop0: detected capacity change from 0 to 4096 [ 107.174209][ T5793] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5794] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5794] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5794] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5794] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5794] close(3) = 0 [pid 5794] mkdir("./file0", 0777) = 0 [pid 5794] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5794] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5794] chdir("./file0") = 0 [pid 5794] ioctl(4, LOOP_CLR_FD) = 0 [pid 5794] close(4) = 0 [pid 5794] exit_group(0) = ? [pid 5794] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5794, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- umount2("./766", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./766", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./766/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./766/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./766/binderfs") = 0 umount2("./766/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./766/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./766/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./766/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./766/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./766/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./766") = 0 mkdir("./767", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5795 ./strace-static-x86_64: Process 5795 attached [pid 5795] chdir("./767") = 0 [pid 5795] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5795] setpgid(0, 0) = 0 [pid 5795] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5795] write(3, "1000", 4) = 4 [pid 5795] close(3) = 0 [pid 5795] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5795] memfd_create("syzkaller", 0) = 3 [ 107.248690][ T5794] loop0: detected capacity change from 0 to 4096 [ 107.257335][ T5794] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5795] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5795] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5795] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5795] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5795] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5795] close(3) = 0 [pid 5795] mkdir("./file0", 0777) = 0 [pid 5795] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5795] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5795] chdir("./file0") = 0 [pid 5795] ioctl(4, LOOP_CLR_FD) = 0 [pid 5795] close(4) = 0 [pid 5795] exit_group(0) = ? [pid 5795] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5795, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./767", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./767", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./767/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./767/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./767/binderfs") = 0 umount2("./767/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./767/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./767/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./767/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./767/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./767/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./767") = 0 mkdir("./768", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5796 ./strace-static-x86_64: Process 5796 attached [ 107.328604][ T5795] loop0: detected capacity change from 0 to 4096 [ 107.337019][ T5795] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5796] chdir("./768") = 0 [pid 5796] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5796] setpgid(0, 0) = 0 [pid 5796] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5796] write(3, "1000", 4) = 4 [pid 5796] close(3) = 0 [pid 5796] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5796] memfd_create("syzkaller", 0) = 3 [pid 5796] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5796] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5796] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5796] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5796] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5796] close(3) = 0 [pid 5796] mkdir("./file0", 0777) = 0 [pid 5796] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5796] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5796] chdir("./file0") = 0 [pid 5796] ioctl(4, LOOP_CLR_FD) = 0 [pid 5796] close(4) = 0 [pid 5796] exit_group(0) = ? [pid 5796] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5796, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./768", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./768", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./768/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./768/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./768/binderfs") = 0 umount2("./768/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./768/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./768/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./768/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./768/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./768/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./768") = 0 mkdir("./769", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5797 ./strace-static-x86_64: Process 5797 attached [pid 5797] chdir("./769") = 0 [pid 5797] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5797] setpgid(0, 0) = 0 [pid 5797] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5797] write(3, "1000", 4) = 4 [pid 5797] close(3) = 0 [pid 5797] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5797] memfd_create("syzkaller", 0) = 3 [pid 5797] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 107.415441][ T5796] loop0: detected capacity change from 0 to 4096 [ 107.424383][ T5796] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5797] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5797] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5797] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5797] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5797] close(3) = 0 [pid 5797] mkdir("./file0", 0777) = 0 [pid 5797] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5797] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5797] chdir("./file0") = 0 [pid 5797] ioctl(4, LOOP_CLR_FD) = 0 [pid 5797] close(4) = 0 [pid 5797] exit_group(0) = ? [pid 5797] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5797, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./769", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./769", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./769/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./769/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./769/binderfs") = 0 umount2("./769/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./769/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./769/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./769/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./769/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./769/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./769") = 0 mkdir("./770", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5798 ./strace-static-x86_64: Process 5798 attached [pid 5798] chdir("./770") = 0 [pid 5798] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5798] setpgid(0, 0) = 0 [pid 5798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5798] write(3, "1000", 4) = 4 [pid 5798] close(3) = 0 [pid 5798] symlink("/dev/binderfs", "./binderfs") = 0 [ 107.495502][ T5797] loop0: detected capacity change from 0 to 4096 [ 107.503793][ T5797] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5798] memfd_create("syzkaller", 0) = 3 [pid 5798] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5798] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5798] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5798] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5798] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5798] close(3) = 0 [pid 5798] mkdir("./file0", 0777) = 0 [pid 5798] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5798] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5798] chdir("./file0") = 0 [pid 5798] ioctl(4, LOOP_CLR_FD) = 0 [pid 5798] close(4) = 0 [pid 5798] exit_group(0) = ? [pid 5798] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5798, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./770", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./770", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./770/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./770/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./770/binderfs") = 0 umount2("./770/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./770/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./770/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./770/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./770/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./770/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./770") = 0 mkdir("./771", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5799 ./strace-static-x86_64: Process 5799 attached [pid 5799] chdir("./771") = 0 [pid 5799] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5799] setpgid(0, 0) = 0 [pid 5799] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5799] write(3, "1000", 4) = 4 [pid 5799] close(3) = 0 [pid 5799] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5799] memfd_create("syzkaller", 0) = 3 [pid 5799] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 107.578819][ T5798] loop0: detected capacity change from 0 to 4096 [ 107.587203][ T5798] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5799] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5799] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5799] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5799] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5799] close(3) = 0 [pid 5799] mkdir("./file0", 0777) = 0 [pid 5799] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5799] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5799] chdir("./file0") = 0 [pid 5799] ioctl(4, LOOP_CLR_FD) = 0 [pid 5799] close(4) = 0 [pid 5799] exit_group(0) = ? [pid 5799] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5799, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./771", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./771", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./771/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./771/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./771/binderfs") = 0 umount2("./771/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./771/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./771/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./771/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./771/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./771/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./771") = 0 mkdir("./772", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5800 attached , child_tidptr=0x5555568435d0) = 5800 [pid 5800] chdir("./772") = 0 [pid 5800] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5800] setpgid(0, 0) = 0 [pid 5800] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5800] write(3, "1000", 4) = 4 [pid 5800] close(3) = 0 [pid 5800] symlink("/dev/binderfs", "./binderfs") = 0 [ 107.658731][ T5799] loop0: detected capacity change from 0 to 4096 [ 107.667394][ T5799] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5800] memfd_create("syzkaller", 0) = 3 [pid 5800] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5800] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5800] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5800] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5800] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5800] close(3) = 0 [pid 5800] mkdir("./file0", 0777) = 0 [pid 5800] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5800] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5800] chdir("./file0") = 0 [pid 5800] ioctl(4, LOOP_CLR_FD) = 0 [pid 5800] close(4) = 0 [pid 5800] exit_group(0) = ? [pid 5800] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5800, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./772", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./772", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./772/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./772/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./772/binderfs") = 0 umount2("./772/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./772/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./772/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./772/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./772/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./772/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./772") = 0 mkdir("./773", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 107.741166][ T5800] loop0: detected capacity change from 0 to 4096 [ 107.749549][ T5800] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5801 attached , child_tidptr=0x5555568435d0) = 5801 [pid 5801] chdir("./773") = 0 [pid 5801] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5801] setpgid(0, 0) = 0 [pid 5801] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5801] write(3, "1000", 4) = 4 [pid 5801] close(3) = 0 [pid 5801] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5801] memfd_create("syzkaller", 0) = 3 [pid 5801] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5801] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5801] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5801] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5801] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5801] close(3) = 0 [pid 5801] mkdir("./file0", 0777) = 0 [pid 5801] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5801] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5801] chdir("./file0") = 0 [pid 5801] ioctl(4, LOOP_CLR_FD) = 0 [pid 5801] close(4) = 0 [pid 5801] exit_group(0) = ? [pid 5801] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5801, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./773", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./773", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./773/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./773/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./773/binderfs") = 0 umount2("./773/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./773/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./773/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./773/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./773/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./773/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./773") = 0 mkdir("./774", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 107.832308][ T5801] loop0: detected capacity change from 0 to 4096 [ 107.840422][ T5801] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5802 ./strace-static-x86_64: Process 5802 attached [pid 5802] chdir("./774") = 0 [pid 5802] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5802] setpgid(0, 0) = 0 [pid 5802] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5802] write(3, "1000", 4) = 4 [pid 5802] close(3) = 0 [pid 5802] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5802] memfd_create("syzkaller", 0) = 3 [pid 5802] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5802] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5802] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5802] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5802] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5802] close(3) = 0 [pid 5802] mkdir("./file0", 0777) = 0 [pid 5802] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5802] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5802] chdir("./file0") = 0 [pid 5802] ioctl(4, LOOP_CLR_FD) = 0 [pid 5802] close(4) = 0 [pid 5802] exit_group(0) = ? [pid 5802] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5802, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./774", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./774", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./774/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./774/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./774/binderfs") = 0 umount2("./774/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./774/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./774/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./774/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./774/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./774/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./774") = 0 mkdir("./775", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 107.914925][ T5802] loop0: detected capacity change from 0 to 4096 [ 107.922819][ T5802] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5803 attached [pid 5803] chdir("./775") = 0 [pid 5803] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5803 [pid 5803] setpgid(0, 0) = 0 [pid 5803] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5803] write(3, "1000", 4) = 4 [pid 5803] close(3) = 0 [pid 5803] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5803] memfd_create("syzkaller", 0) = 3 [pid 5803] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5803] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5803] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5803] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5803] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5803] close(3) = 0 [pid 5803] mkdir("./file0", 0777) = 0 [pid 5803] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5803] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5803] chdir("./file0") = 0 [pid 5803] ioctl(4, LOOP_CLR_FD) = 0 [pid 5803] close(4) = 0 [pid 5803] exit_group(0) = ? [pid 5803] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5803, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./775", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./775", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./775/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./775/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./775/binderfs") = 0 umount2("./775/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./775/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./775/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./775/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./775/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./775/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./775") = 0 mkdir("./776", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 108.002401][ T5803] loop0: detected capacity change from 0 to 4096 [ 108.010542][ T5803] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5804 ./strace-static-x86_64: Process 5804 attached [pid 5804] chdir("./776") = 0 [pid 5804] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5804] setpgid(0, 0) = 0 [pid 5804] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5804] write(3, "1000", 4) = 4 [pid 5804] close(3) = 0 [pid 5804] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5804] memfd_create("syzkaller", 0) = 3 [pid 5804] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5804] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5804] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5804] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5804] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5804] close(3) = 0 [pid 5804] mkdir("./file0", 0777) = 0 [pid 5804] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5804] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5804] chdir("./file0") = 0 [pid 5804] ioctl(4, LOOP_CLR_FD) = 0 [pid 5804] close(4) = 0 [pid 5804] exit_group(0) = ? [pid 5804] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5804, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./776", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./776", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./776/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./776/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./776/binderfs") = 0 umount2("./776/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./776/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./776/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./776/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./776/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./776/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./776") = 0 mkdir("./777", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5805 ./strace-static-x86_64: Process 5805 attached [pid 5805] chdir("./777") = 0 [pid 5805] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 108.090122][ T5804] loop0: detected capacity change from 0 to 4096 [ 108.098118][ T5804] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5805] setpgid(0, 0) = 0 [pid 5805] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5805] write(3, "1000", 4) = 4 [pid 5805] close(3) = 0 [pid 5805] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5805] memfd_create("syzkaller", 0) = 3 [pid 5805] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5805] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5805] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5805] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5805] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5805] close(3) = 0 [pid 5805] mkdir("./file0", 0777) = 0 [pid 5805] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5805] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5805] chdir("./file0") = 0 [pid 5805] ioctl(4, LOOP_CLR_FD) = 0 [pid 5805] close(4) = 0 [pid 5805] exit_group(0) = ? [pid 5805] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5805, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./777", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./777", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./777/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./777/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./777/binderfs") = 0 umount2("./777/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./777/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./777/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./777/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./777/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./777/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./777") = 0 mkdir("./778", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5806 attached , child_tidptr=0x5555568435d0) = 5806 [pid 5806] chdir("./778") = 0 [pid 5806] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5806] setpgid(0, 0) = 0 [pid 5806] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5806] write(3, "1000", 4) = 4 [pid 5806] close(3) = 0 [pid 5806] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5806] memfd_create("syzkaller", 0) = 3 [pid 5806] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 108.175437][ T5805] loop0: detected capacity change from 0 to 4096 [ 108.184363][ T5805] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5806] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5806] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5806] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5806] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5806] close(3) = 0 [pid 5806] mkdir("./file0", 0777) = 0 [pid 5806] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5806] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5806] chdir("./file0") = 0 [pid 5806] ioctl(4, LOOP_CLR_FD) = 0 [pid 5806] close(4) = 0 [pid 5806] exit_group(0) = ? [pid 5806] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5806, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./778", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./778", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./778/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./778/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./778/binderfs") = 0 umount2("./778/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./778/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./778/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./778/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./778/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./778/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./778") = 0 mkdir("./779", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5807 attached , child_tidptr=0x5555568435d0) = 5807 [pid 5807] chdir("./779") = 0 [pid 5807] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5807] setpgid(0, 0) = 0 [pid 5807] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5807] write(3, "1000", 4) = 4 [pid 5807] close(3) = 0 [pid 5807] symlink("/dev/binderfs", "./binderfs") = 0 [ 108.256784][ T5806] loop0: detected capacity change from 0 to 4096 [ 108.266622][ T5806] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5807] memfd_create("syzkaller", 0) = 3 [pid 5807] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5807] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5807] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5807] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5807] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5807] close(3) = 0 [pid 5807] mkdir("./file0", 0777) = 0 [pid 5807] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5807] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5807] chdir("./file0") = 0 [pid 5807] ioctl(4, LOOP_CLR_FD) = 0 [pid 5807] close(4) = 0 [pid 5807] exit_group(0) = ? [pid 5807] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5807, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./779", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./779", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./779/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./779/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./779/binderfs") = 0 umount2("./779/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./779/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./779/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./779/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./779/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./779/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./779") = 0 mkdir("./780", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5808 ./strace-static-x86_64: Process 5808 attached [pid 5808] chdir("./780") = 0 [pid 5808] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5808] setpgid(0, 0) = 0 [ 108.345590][ T5807] loop0: detected capacity change from 0 to 4096 [ 108.354022][ T5807] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5808] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5808] write(3, "1000", 4) = 4 [pid 5808] close(3) = 0 [pid 5808] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5808] memfd_create("syzkaller", 0) = 3 [pid 5808] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5808] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5808] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5808] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5808] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5808] close(3) = 0 [pid 5808] mkdir("./file0", 0777) = 0 [pid 5808] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5808] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5808] chdir("./file0") = 0 [pid 5808] ioctl(4, LOOP_CLR_FD) = 0 [pid 5808] close(4) = 0 [pid 5808] exit_group(0) = ? [pid 5808] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5808, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./780", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./780", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./780/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./780/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./780/binderfs") = 0 umount2("./780/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./780/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./780/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./780/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./780/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./780/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./780") = 0 mkdir("./781", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 108.434250][ T5808] loop0: detected capacity change from 0 to 4096 [ 108.442743][ T5808] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5809 ./strace-static-x86_64: Process 5809 attached [pid 5809] chdir("./781") = 0 [pid 5809] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5809] setpgid(0, 0) = 0 [pid 5809] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5809] write(3, "1000", 4) = 4 [pid 5809] close(3) = 0 [pid 5809] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5809] memfd_create("syzkaller", 0) = 3 [pid 5809] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5809] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5809] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5809] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5809] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5809] close(3) = 0 [pid 5809] mkdir("./file0", 0777) = 0 [pid 5809] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5809] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5809] chdir("./file0") = 0 [pid 5809] ioctl(4, LOOP_CLR_FD) = 0 [pid 5809] close(4) = 0 [pid 5809] exit_group(0) = ? [pid 5809] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5809, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./781", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./781", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./781/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./781/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./781/binderfs") = 0 umount2("./781/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./781/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./781/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./781/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./781/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./781/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./781") = 0 mkdir("./782", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5810 ./strace-static-x86_64: Process 5810 attached [pid 5810] chdir("./782") = 0 [pid 5810] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5810] setpgid(0, 0) = 0 [pid 5810] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5810] write(3, "1000", 4) = 4 [pid 5810] close(3) = 0 [pid 5810] symlink("/dev/binderfs", "./binderfs") = 0 [ 108.515508][ T5809] loop0: detected capacity change from 0 to 4096 [ 108.523935][ T5809] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5810] memfd_create("syzkaller", 0) = 3 [pid 5810] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5810] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5810] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5810] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5810] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5810] close(3) = 0 [pid 5810] mkdir("./file0", 0777) = 0 [pid 5810] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5810] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5810] chdir("./file0") = 0 [pid 5810] ioctl(4, LOOP_CLR_FD) = 0 [pid 5810] close(4) = 0 [pid 5810] exit_group(0) = ? [pid 5810] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5810, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./782", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./782", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./782/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./782/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./782/binderfs") = 0 umount2("./782/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./782/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./782/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./782/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./782/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./782/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./782") = 0 mkdir("./783", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 108.603550][ T5810] loop0: detected capacity change from 0 to 4096 [ 108.611717][ T5810] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5811 ./strace-static-x86_64: Process 5811 attached [pid 5811] chdir("./783") = 0 [pid 5811] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5811] setpgid(0, 0) = 0 [pid 5811] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5811] write(3, "1000", 4) = 4 [pid 5811] close(3) = 0 [pid 5811] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5811] memfd_create("syzkaller", 0) = 3 [pid 5811] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5811] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5811] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5811] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5811] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5811] close(3) = 0 [pid 5811] mkdir("./file0", 0777) = 0 [pid 5811] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5811] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5811] chdir("./file0") = 0 [pid 5811] ioctl(4, LOOP_CLR_FD) = 0 [pid 5811] close(4) = 0 [pid 5811] exit_group(0) = ? [pid 5811] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5811, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./783", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./783", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./783/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./783/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./783/binderfs") = 0 umount2("./783/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./783/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./783/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./783/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./783/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./783/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./783") = 0 mkdir("./784", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5812 ./strace-static-x86_64: Process 5812 attached [pid 5812] chdir("./784") = 0 [pid 5812] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5812] setpgid(0, 0) = 0 [pid 5812] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5812] write(3, "1000", 4) = 4 [pid 5812] close(3) = 0 [ 108.694253][ T5811] loop0: detected capacity change from 0 to 4096 [ 108.703535][ T5811] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5812] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5812] memfd_create("syzkaller", 0) = 3 [pid 5812] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5812] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5812] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5812] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5812] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5812] close(3) = 0 [pid 5812] mkdir("./file0", 0777) = 0 [pid 5812] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5812] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5812] chdir("./file0") = 0 [pid 5812] ioctl(4, LOOP_CLR_FD) = 0 [pid 5812] close(4) = 0 [pid 5812] exit_group(0) = ? [pid 5812] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5812, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./784", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./784", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./784/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./784/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./784/binderfs") = 0 umount2("./784/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./784/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./784/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./784/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./784/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./784/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./784") = 0 mkdir("./785", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 108.779638][ T5812] loop0: detected capacity change from 0 to 4096 [ 108.788423][ T5812] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5813 ./strace-static-x86_64: Process 5813 attached [pid 5813] chdir("./785") = 0 [pid 5813] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5813] setpgid(0, 0) = 0 [pid 5813] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5813] write(3, "1000", 4) = 4 [pid 5813] close(3) = 0 [pid 5813] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5813] memfd_create("syzkaller", 0) = 3 [pid 5813] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5813] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5813] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5813] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5813] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5813] close(3) = 0 [pid 5813] mkdir("./file0", 0777) = 0 [pid 5813] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5813] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5813] chdir("./file0") = 0 [pid 5813] ioctl(4, LOOP_CLR_FD) = 0 [pid 5813] close(4) = 0 [pid 5813] exit_group(0) = ? [pid 5813] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5813, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./785", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./785", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./785/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./785/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./785/binderfs") = 0 umount2("./785/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./785/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./785/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./785/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./785/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./785/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./785") = 0 mkdir("./786", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5814 ./strace-static-x86_64: Process 5814 attached [pid 5814] chdir("./786") = 0 [pid 5814] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5814] setpgid(0, 0) = 0 [pid 5814] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5814] write(3, "1000", 4) = 4 [pid 5814] close(3) = 0 [ 108.868444][ T5813] loop0: detected capacity change from 0 to 4096 [ 108.877245][ T5813] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5814] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5814] memfd_create("syzkaller", 0) = 3 [pid 5814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5814] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5814] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5814] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5814] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5814] close(3) = 0 [pid 5814] mkdir("./file0", 0777) = 0 [pid 5814] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5814] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5814] chdir("./file0") = 0 [pid 5814] ioctl(4, LOOP_CLR_FD) = 0 [pid 5814] close(4) = 0 [pid 5814] exit_group(0) = ? [pid 5814] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5814, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./786", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./786", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./786/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./786/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./786/binderfs") = 0 umount2("./786/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./786/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./786/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./786/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./786/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./786/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./786") = 0 mkdir("./787", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5815 ./strace-static-x86_64: Process 5815 attached [pid 5815] chdir("./787") = 0 [pid 5815] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5815] setpgid(0, 0) = 0 [pid 5815] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5815] write(3, "1000", 4) = 4 [pid 5815] close(3) = 0 [ 108.950222][ T5814] loop0: detected capacity change from 0 to 4096 [ 108.958371][ T5814] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5815] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5815] memfd_create("syzkaller", 0) = 3 [pid 5815] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5815] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5815] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5815] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5815] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5815] close(3) = 0 [pid 5815] mkdir("./file0", 0777) = 0 [pid 5815] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5815] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5815] chdir("./file0") = 0 [pid 5815] ioctl(4, LOOP_CLR_FD) = 0 [pid 5815] close(4) = 0 [pid 5815] exit_group(0) = ? [pid 5815] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5815, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./787", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./787", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./787/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./787/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./787/binderfs") = 0 umount2("./787/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./787/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./787/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./787/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./787/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./787/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./787") = 0 mkdir("./788", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5816 ./strace-static-x86_64: Process 5816 attached [pid 5816] chdir("./788") = 0 [pid 5816] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5816] setpgid(0, 0) = 0 [pid 5816] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5816] write(3, "1000", 4) = 4 [pid 5816] close(3) = 0 [pid 5816] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5816] memfd_create("syzkaller", 0) = 3 [pid 5816] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 109.042111][ T5815] loop0: detected capacity change from 0 to 4096 [ 109.051049][ T5815] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5816] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5816] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5816] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5816] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5816] close(3) = 0 [pid 5816] mkdir("./file0", 0777) = 0 [pid 5816] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5816] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5816] chdir("./file0") = 0 [pid 5816] ioctl(4, LOOP_CLR_FD) = 0 [pid 5816] close(4) = 0 [pid 5816] exit_group(0) = ? [pid 5816] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5816, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./788", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./788", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./788/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./788/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./788/binderfs") = 0 umount2("./788/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./788/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./788/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./788/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./788/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./788/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./788") = 0 mkdir("./789", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 109.121670][ T5816] loop0: detected capacity change from 0 to 4096 [ 109.130810][ T5816] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5817 attached , child_tidptr=0x5555568435d0) = 5817 [pid 5817] chdir("./789") = 0 [pid 5817] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5817] setpgid(0, 0) = 0 [pid 5817] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5817] write(3, "1000", 4) = 4 [pid 5817] close(3) = 0 [pid 5817] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5817] memfd_create("syzkaller", 0) = 3 [pid 5817] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5817] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5817] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5817] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5817] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5817] close(3) = 0 [pid 5817] mkdir("./file0", 0777) = 0 [pid 5817] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5817] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5817] chdir("./file0") = 0 [pid 5817] ioctl(4, LOOP_CLR_FD) = 0 [pid 5817] close(4) = 0 [pid 5817] exit_group(0) = ? [pid 5817] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5817, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./789", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./789", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./789/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./789/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./789/binderfs") = 0 umount2("./789/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./789/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./789/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./789/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./789/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./789/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./789") = 0 mkdir("./790", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5818 ./strace-static-x86_64: Process 5818 attached [pid 5818] chdir("./790") = 0 [pid 5818] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5818] setpgid(0, 0) = 0 [ 109.213306][ T5817] loop0: detected capacity change from 0 to 4096 [ 109.221527][ T5817] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5818] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "1000", 4) = 4 [pid 5818] close(3) = 0 [pid 5818] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5818] memfd_create("syzkaller", 0) = 3 [pid 5818] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5818] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5818] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5818] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5818] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5818] close(3) = 0 [pid 5818] mkdir("./file0", 0777) = 0 [pid 5818] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5818] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5818] chdir("./file0") = 0 [pid 5818] ioctl(4, LOOP_CLR_FD) = 0 [pid 5818] close(4) = 0 [pid 5818] exit_group(0) = ? [pid 5818] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5818, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./790", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./790", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./790/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./790/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./790/binderfs") = 0 umount2("./790/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./790/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./790/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./790/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./790/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./790/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./790") = 0 mkdir("./791", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5819 ./strace-static-x86_64: Process 5819 attached [pid 5819] chdir("./791") = 0 [pid 5819] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5819] setpgid(0, 0) = 0 [pid 5819] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5819] write(3, "1000", 4) = 4 [pid 5819] close(3) = 0 [ 109.296481][ T5818] loop0: detected capacity change from 0 to 4096 [ 109.304501][ T5818] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5819] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5819] memfd_create("syzkaller", 0) = 3 [pid 5819] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5819] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5819] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5819] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5819] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5819] close(3) = 0 [pid 5819] mkdir("./file0", 0777) = 0 [pid 5819] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5819] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5819] chdir("./file0") = 0 [pid 5819] ioctl(4, LOOP_CLR_FD) = 0 [pid 5819] close(4) = 0 [pid 5819] exit_group(0) = ? [pid 5819] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5819, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./791", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./791", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./791/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./791/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./791/binderfs") = 0 umount2("./791/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./791/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./791/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./791/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./791/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./791/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./791") = 0 mkdir("./792", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 109.380895][ T5819] loop0: detected capacity change from 0 to 4096 [ 109.389120][ T5819] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5820 ./strace-static-x86_64: Process 5820 attached [pid 5820] chdir("./792") = 0 [pid 5820] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5820] setpgid(0, 0) = 0 [pid 5820] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "1000", 4) = 4 [pid 5820] close(3) = 0 [pid 5820] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5820] memfd_create("syzkaller", 0) = 3 [pid 5820] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5820] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5820] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5820] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5820] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5820] close(3) = 0 [pid 5820] mkdir("./file0", 0777) = 0 [pid 5820] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5820] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5820] chdir("./file0") = 0 [pid 5820] ioctl(4, LOOP_CLR_FD) = 0 [pid 5820] close(4) = 0 [pid 5820] exit_group(0) = ? [pid 5820] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5820, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./792", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./792", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./792/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./792/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./792/binderfs") = 0 umount2("./792/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./792/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./792/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./792/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./792/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./792/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./792") = 0 mkdir("./793", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 109.469455][ T5820] loop0: detected capacity change from 0 to 4096 [ 109.477900][ T5820] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5821 ./strace-static-x86_64: Process 5821 attached [pid 5821] chdir("./793") = 0 [pid 5821] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5821] setpgid(0, 0) = 0 [pid 5821] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5821] write(3, "1000", 4) = 4 [pid 5821] close(3) = 0 [pid 5821] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5821] memfd_create("syzkaller", 0) = 3 [pid 5821] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5821] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5821] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5821] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5821] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5821] close(3) = 0 [pid 5821] mkdir("./file0", 0777) = 0 [pid 5821] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5821] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5821] chdir("./file0") = 0 [pid 5821] ioctl(4, LOOP_CLR_FD) = 0 [pid 5821] close(4) = 0 [pid 5821] exit_group(0) = ? [pid 5821] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5821, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./793", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./793", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./793/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./793/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./793/binderfs") = 0 umount2("./793/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./793/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./793/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./793/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./793/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./793/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./793") = 0 mkdir("./794", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5822 ./strace-static-x86_64: Process 5822 attached [pid 5822] chdir("./794") = 0 [pid 5822] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5822] setpgid(0, 0) = 0 [pid 5822] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5822] write(3, "1000", 4) = 4 [pid 5822] close(3) = 0 [pid 5822] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5822] memfd_create("syzkaller", 0) = 3 [pid 5822] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 109.556971][ T5821] loop0: detected capacity change from 0 to 4096 [ 109.565541][ T5821] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5822] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5822] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5822] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5822] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5822] close(3) = 0 [pid 5822] mkdir("./file0", 0777) = 0 [pid 5822] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5822] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5822] chdir("./file0") = 0 [pid 5822] ioctl(4, LOOP_CLR_FD) = 0 [pid 5822] close(4) = 0 [pid 5822] exit_group(0) = ? [pid 5822] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5822, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./794", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./794", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./794/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./794/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./794/binderfs") = 0 umount2("./794/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./794/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./794/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./794/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./794/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./794/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./794") = 0 mkdir("./795", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 109.635999][ T5822] loop0: detected capacity change from 0 to 4096 [ 109.644104][ T5822] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5823 ./strace-static-x86_64: Process 5823 attached [pid 5823] chdir("./795") = 0 [pid 5823] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5823] setpgid(0, 0) = 0 [pid 5823] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5823] write(3, "1000", 4) = 4 [pid 5823] close(3) = 0 [pid 5823] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5823] memfd_create("syzkaller", 0) = 3 [pid 5823] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5823] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5823] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5823] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5823] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5823] close(3) = 0 [pid 5823] mkdir("./file0", 0777) = 0 [pid 5823] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5823] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5823] chdir("./file0") = 0 [pid 5823] ioctl(4, LOOP_CLR_FD) = 0 [pid 5823] close(4) = 0 [pid 5823] exit_group(0) = ? [pid 5823] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5823, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./795", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./795", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./795/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./795/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./795/binderfs") = 0 umount2("./795/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./795/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./795/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./795/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./795/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./795/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./795") = 0 mkdir("./796", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5824 ./strace-static-x86_64: Process 5824 attached [pid 5824] chdir("./796") = 0 [pid 5824] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5824] setpgid(0, 0) = 0 [pid 5824] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5824] write(3, "1000", 4) = 4 [ 109.745597][ T5823] loop0: detected capacity change from 0 to 4096 [ 109.753861][ T5823] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5824] close(3) = 0 [pid 5824] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5824] memfd_create("syzkaller", 0) = 3 [pid 5824] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5824] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5824] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5824] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5824] close(3) = 0 [pid 5824] mkdir("./file0", 0777) = 0 [pid 5824] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5824] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5824] chdir("./file0") = 0 [pid 5824] ioctl(4, LOOP_CLR_FD) = 0 [pid 5824] close(4) = 0 [pid 5824] exit_group(0) = ? [pid 5824] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5824, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./796", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./796", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./796/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./796/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./796/binderfs") = 0 umount2("./796/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./796/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./796/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./796/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./796/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./796/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./796") = 0 mkdir("./797", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5825 ./strace-static-x86_64: Process 5825 attached [pid 5825] chdir("./797") = 0 [ 109.829148][ T5824] loop0: detected capacity change from 0 to 4096 [ 109.837439][ T5824] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5825] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5825] setpgid(0, 0) = 0 [pid 5825] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5825] write(3, "1000", 4) = 4 [pid 5825] close(3) = 0 [pid 5825] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5825] memfd_create("syzkaller", 0) = 3 [pid 5825] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5825] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5825] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5825] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5825] close(3) = 0 [pid 5825] mkdir("./file0", 0777) = 0 [pid 5825] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5825] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5825] chdir("./file0") = 0 [pid 5825] ioctl(4, LOOP_CLR_FD) = 0 [pid 5825] close(4) = 0 [pid 5825] exit_group(0) = ? [pid 5825] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5825, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./797", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./797", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./797/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./797/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./797/binderfs") = 0 umount2("./797/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./797/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./797/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./797/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./797/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./797/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./797") = 0 mkdir("./798", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 109.917901][ T5825] loop0: detected capacity change from 0 to 4096 [ 109.926208][ T5825] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5826 attached , child_tidptr=0x5555568435d0) = 5826 [pid 5826] chdir("./798") = 0 [pid 5826] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5826] setpgid(0, 0) = 0 [pid 5826] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5826] write(3, "1000", 4) = 4 [pid 5826] close(3) = 0 [pid 5826] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5826] memfd_create("syzkaller", 0) = 3 [pid 5826] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5826] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5826] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5826] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5826] close(3) = 0 [pid 5826] mkdir("./file0", 0777) = 0 [pid 5826] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5826] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5826] chdir("./file0") = 0 [pid 5826] ioctl(4, LOOP_CLR_FD) = 0 [pid 5826] close(4) = 0 [pid 5826] exit_group(0) = ? [pid 5826] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5826, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./798", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./798", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./798/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./798/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./798/binderfs") = 0 umount2("./798/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./798/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./798/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./798/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./798/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./798/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./798") = 0 mkdir("./799", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5827 ./strace-static-x86_64: Process 5827 attached [pid 5827] chdir("./799") = 0 [pid 5827] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5827] setpgid(0, 0) = 0 [pid 5827] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "1000", 4) = 4 [pid 5827] close(3) = 0 [pid 5827] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5827] memfd_create("syzkaller", 0) = 3 [pid 5827] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 110.007921][ T5826] loop0: detected capacity change from 0 to 4096 [ 110.015847][ T5826] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5827] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5827] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5827] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5827] close(3) = 0 [pid 5827] mkdir("./file0", 0777) = 0 [pid 5827] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5827] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5827] chdir("./file0") = 0 [pid 5827] ioctl(4, LOOP_CLR_FD) = 0 [pid 5827] close(4) = 0 [pid 5827] exit_group(0) = ? [pid 5827] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5827, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./799", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./799", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./799/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./799/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./799/binderfs") = 0 umount2("./799/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./799/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./799/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./799/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./799/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./799/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./799") = 0 mkdir("./800", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5828 ./strace-static-x86_64: Process 5828 attached [pid 5828] chdir("./800") = 0 [pid 5828] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] setpgid(0, 0) = 0 [pid 5828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5828] write(3, "1000", 4) = 4 [pid 5828] close(3) = 0 [pid 5828] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5828] memfd_create("syzkaller", 0) = 3 [pid 5828] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 110.086584][ T5827] loop0: detected capacity change from 0 to 4096 [ 110.094697][ T5827] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5828] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5828] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5828] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5828] close(3) = 0 [pid 5828] mkdir("./file0", 0777) = 0 [pid 5828] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5828] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5828] chdir("./file0") = 0 [pid 5828] ioctl(4, LOOP_CLR_FD) = 0 [pid 5828] close(4) = 0 [pid 5828] exit_group(0) = ? [pid 5828] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5828, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./800", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./800", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./800/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./800/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./800/binderfs") = 0 umount2("./800/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./800/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./800/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./800/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./800/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./800/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./800") = 0 mkdir("./801", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5829 ./strace-static-x86_64: Process 5829 attached [pid 5829] chdir("./801") = 0 [pid 5829] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5829] setpgid(0, 0) = 0 [pid 5829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "1000", 4) = 4 [pid 5829] close(3) = 0 [pid 5829] symlink("/dev/binderfs", "./binderfs") = 0 [ 110.165376][ T5828] loop0: detected capacity change from 0 to 4096 [ 110.173887][ T5828] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5829] memfd_create("syzkaller", 0) = 3 [pid 5829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5829] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5829] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5829] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5829] close(3) = 0 [pid 5829] mkdir("./file0", 0777) = 0 [pid 5829] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5829] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5829] chdir("./file0") = 0 [pid 5829] ioctl(4, LOOP_CLR_FD) = 0 [pid 5829] close(4) = 0 [pid 5829] exit_group(0) = ? [pid 5829] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5829, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./801", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./801", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./801/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./801/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./801/binderfs") = 0 umount2("./801/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./801/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./801/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./801/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./801/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./801/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./801") = 0 mkdir("./802", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 110.247561][ T5829] loop0: detected capacity change from 0 to 4096 [ 110.256620][ T5829] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5830 attached , child_tidptr=0x5555568435d0) = 5830 [pid 5830] chdir("./802") = 0 [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5830] setpgid(0, 0) = 0 [pid 5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5830] write(3, "1000", 4) = 4 [pid 5830] close(3) = 0 [pid 5830] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5830] memfd_create("syzkaller", 0) = 3 [pid 5830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5830] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5830] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5830] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5830] close(3) = 0 [pid 5830] mkdir("./file0", 0777) = 0 [pid 5830] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5830] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5830] chdir("./file0") = 0 [pid 5830] ioctl(4, LOOP_CLR_FD) = 0 [pid 5830] close(4) = 0 [pid 5830] exit_group(0) = ? [pid 5830] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5830, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./802", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./802", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./802/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./802/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./802/binderfs") = 0 umount2("./802/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./802/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./802/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./802/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./802/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./802/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./802") = 0 mkdir("./803", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 110.338440][ T5830] loop0: detected capacity change from 0 to 4096 [ 110.347097][ T5830] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5831 attached , child_tidptr=0x5555568435d0) = 5831 [pid 5831] chdir("./803") = 0 [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5831] setpgid(0, 0) = 0 [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5831] write(3, "1000", 4) = 4 [pid 5831] close(3) = 0 [pid 5831] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5831] memfd_create("syzkaller", 0) = 3 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5831] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5831] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5831] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5831] close(3) = 0 [pid 5831] mkdir("./file0", 0777) = 0 [pid 5831] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5831] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5831] chdir("./file0") = 0 [pid 5831] ioctl(4, LOOP_CLR_FD) = 0 [pid 5831] close(4) = 0 [pid 5831] exit_group(0) = ? [pid 5831] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5831, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./803", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./803", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./803/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./803/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./803/binderfs") = 0 umount2("./803/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./803/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./803/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./803/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./803/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./803/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./803") = 0 mkdir("./804", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5832 ./strace-static-x86_64: Process 5832 attached [pid 5832] chdir("./804") = 0 [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5832] setpgid(0, 0) = 0 [pid 5832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5832] write(3, "1000", 4) = 4 [pid 5832] close(3) = 0 [pid 5832] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5832] memfd_create("syzkaller", 0) = 3 [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 110.426694][ T5831] loop0: detected capacity change from 0 to 4096 [ 110.435201][ T5831] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5832] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5832] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5832] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5832] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5832] close(3) = 0 [pid 5832] mkdir("./file0", 0777) = 0 [pid 5832] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5832] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5832] chdir("./file0") = 0 [pid 5832] ioctl(4, LOOP_CLR_FD) = 0 [pid 5832] close(4) = 0 [pid 5832] exit_group(0) = ? [pid 5832] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5832, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./804", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./804", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./804/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./804/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./804/binderfs") = 0 umount2("./804/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./804/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./804/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./804/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./804/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./804/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./804") = 0 mkdir("./805", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 110.502825][ T5832] loop0: detected capacity change from 0 to 4096 [ 110.511386][ T5832] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5833 ./strace-static-x86_64: Process 5833 attached [pid 5833] chdir("./805") = 0 [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5833] setpgid(0, 0) = 0 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5833] write(3, "1000", 4) = 4 [pid 5833] close(3) = 0 [pid 5833] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5833] memfd_create("syzkaller", 0) = 3 [pid 5833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5833] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5833] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5833] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5833] close(3) = 0 [pid 5833] mkdir("./file0", 0777) = 0 [pid 5833] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5833] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5833] chdir("./file0") = 0 [pid 5833] ioctl(4, LOOP_CLR_FD) = 0 [pid 5833] close(4) = 0 [pid 5833] exit_group(0) = ? [pid 5833] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5833, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./805", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./805", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./805/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./805/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./805/binderfs") = 0 umount2("./805/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./805/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./805/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./805/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./805/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./805/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./805") = 0 mkdir("./806", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 110.592259][ T5833] loop0: detected capacity change from 0 to 4096 [ 110.600728][ T5833] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5834 ./strace-static-x86_64: Process 5834 attached [pid 5834] chdir("./806") = 0 [pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5834] setpgid(0, 0) = 0 [pid 5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5834] write(3, "1000", 4) = 4 [pid 5834] close(3) = 0 [pid 5834] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5834] memfd_create("syzkaller", 0) = 3 [pid 5834] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5834] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5834] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5834] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5834] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5834] close(3) = 0 [pid 5834] mkdir("./file0", 0777) = 0 [pid 5834] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5834] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5834] chdir("./file0") = 0 [pid 5834] ioctl(4, LOOP_CLR_FD) = 0 [pid 5834] close(4) = 0 [pid 5834] exit_group(0) = ? [pid 5834] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5834, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./806", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./806", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./806/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./806/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./806/binderfs") = 0 umount2("./806/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./806/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./806/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./806/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./806/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./806/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./806") = 0 mkdir("./807", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5835 ./strace-static-x86_64: Process 5835 attached [pid 5835] chdir("./807") = 0 [pid 5835] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5835] setpgid(0, 0) = 0 [pid 5835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "1000", 4) = 4 [pid 5835] close(3) = 0 [pid 5835] symlink("/dev/binderfs", "./binderfs") = 0 [ 110.679695][ T5834] loop0: detected capacity change from 0 to 4096 [ 110.687915][ T5834] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5835] memfd_create("syzkaller", 0) = 3 [pid 5835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5835] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5835] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5835] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5835] close(3) = 0 [pid 5835] mkdir("./file0", 0777) = 0 [pid 5835] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5835] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5835] chdir("./file0") = 0 [pid 5835] ioctl(4, LOOP_CLR_FD) = 0 [pid 5835] close(4) = 0 [pid 5835] exit_group(0) = ? [pid 5835] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5835, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./807", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./807", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./807/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./807/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./807/binderfs") = 0 umount2("./807/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./807/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./807/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./807/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./807/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./807/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./807") = 0 mkdir("./808", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5836 ./strace-static-x86_64: Process 5836 attached [pid 5836] chdir("./808") = 0 [pid 5836] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5836] setpgid(0, 0) = 0 [pid 5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5836] write(3, "1000", 4) = 4 [pid 5836] close(3) = 0 [pid 5836] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5836] memfd_create("syzkaller", 0) = 3 [pid 5836] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 110.760248][ T5835] loop0: detected capacity change from 0 to 4096 [ 110.768577][ T5835] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5836] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5836] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5836] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5836] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5836] close(3) = 0 [pid 5836] mkdir("./file0", 0777) = 0 [pid 5836] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5836] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5836] chdir("./file0") = 0 [pid 5836] ioctl(4, LOOP_CLR_FD) = 0 [pid 5836] close(4) = 0 [pid 5836] exit_group(0) = ? [pid 5836] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5836, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./808", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./808", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./808/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./808/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./808/binderfs") = 0 umount2("./808/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./808/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./808/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./808/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./808/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./808/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./808") = 0 mkdir("./809", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 110.832613][ T5836] loop0: detected capacity change from 0 to 4096 [ 110.840885][ T5836] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5837 ./strace-static-x86_64: Process 5837 attached [pid 5837] chdir("./809") = 0 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5837] setpgid(0, 0) = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5837] write(3, "1000", 4) = 4 [pid 5837] close(3) = 0 [pid 5837] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5837] memfd_create("syzkaller", 0) = 3 [pid 5837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5837] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5837] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5837] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5837] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5837] close(3) = 0 [pid 5837] mkdir("./file0", 0777) = 0 [pid 5837] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5837] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5837] chdir("./file0") = 0 [pid 5837] ioctl(4, LOOP_CLR_FD) = 0 [pid 5837] close(4) = 0 [pid 5837] exit_group(0) = ? [pid 5837] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5837, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./809", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./809", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./809/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./809/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./809/binderfs") = 0 umount2("./809/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./809/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./809/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./809/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./809/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./809/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./809") = 0 mkdir("./810", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5838 ./strace-static-x86_64: Process 5838 attached [pid 5838] chdir("./810") = 0 [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5838] setpgid(0, 0) = 0 [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5838] write(3, "1000", 4) = 4 [pid 5838] close(3) = 0 [pid 5838] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5838] memfd_create("syzkaller", 0) = 3 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 110.918009][ T5837] loop0: detected capacity change from 0 to 4096 [ 110.926264][ T5837] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5838] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5838] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5838] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5838] close(3) = 0 [pid 5838] mkdir("./file0", 0777) = 0 [pid 5838] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5838] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5838] chdir("./file0") = 0 [pid 5838] ioctl(4, LOOP_CLR_FD) = 0 [pid 5838] close(4) = 0 [pid 5838] exit_group(0) = ? [pid 5838] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./810", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./810", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./810/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./810/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./810/binderfs") = 0 umount2("./810/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./810/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./810/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./810/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./810/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./810/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./810") = 0 mkdir("./811", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5839 ./strace-static-x86_64: Process 5839 attached [pid 5839] chdir("./811") = 0 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5839] setpgid(0, 0) = 0 [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5839] write(3, "1000", 4) = 4 [pid 5839] close(3) = 0 [pid 5839] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5839] memfd_create("syzkaller", 0) = 3 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 110.998819][ T5838] loop0: detected capacity change from 0 to 4096 [ 111.008374][ T5838] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5839] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5839] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5839] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5839] close(3) = 0 [pid 5839] mkdir("./file0", 0777) = 0 [pid 5839] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5839] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5839] chdir("./file0") = 0 [pid 5839] ioctl(4, LOOP_CLR_FD) = 0 [pid 5839] close(4) = 0 [pid 5839] exit_group(0) = ? [pid 5839] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5839, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./811", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./811", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./811/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./811/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./811/binderfs") = 0 umount2("./811/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./811/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./811/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./811/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./811/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./811/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./811") = 0 mkdir("./812", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5840 ./strace-static-x86_64: Process 5840 attached [pid 5840] chdir("./812") = 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5840] setpgid(0, 0) = 0 [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5840] write(3, "1000", 4) = 4 [pid 5840] close(3) = 0 [pid 5840] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5840] memfd_create("syzkaller", 0) = 3 [pid 5840] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 111.078998][ T5839] loop0: detected capacity change from 0 to 4096 [ 111.087538][ T5839] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5840] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5840] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5840] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5840] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5840] close(3) = 0 [pid 5840] mkdir("./file0", 0777) = 0 [pid 5840] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5840] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5840] chdir("./file0") = 0 [pid 5840] ioctl(4, LOOP_CLR_FD) = 0 [pid 5840] close(4) = 0 [pid 5840] exit_group(0) = ? [pid 5840] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./812", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./812", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./812/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./812/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./812/binderfs") = 0 umount2("./812/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./812/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./812/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./812/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./812/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./812/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./812") = 0 mkdir("./813", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5841 ./strace-static-x86_64: Process 5841 attached [pid 5841] chdir("./813") = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5841] setpgid(0, 0) = 0 [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5841] write(3, "1000", 4) = 4 [pid 5841] close(3) = 0 [pid 5841] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5841] memfd_create("syzkaller", 0) = 3 [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 111.157665][ T5840] loop0: detected capacity change from 0 to 4096 [ 111.165661][ T5840] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5841] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5841] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5841] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5841] close(3) = 0 [pid 5841] mkdir("./file0", 0777) = 0 [pid 5841] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5841] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5841] chdir("./file0") = 0 [pid 5841] ioctl(4, LOOP_CLR_FD) = 0 [pid 5841] close(4) = 0 [pid 5841] exit_group(0) = ? [pid 5841] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5841, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./813", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./813", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./813/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./813/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./813/binderfs") = 0 umount2("./813/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./813/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./813/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./813/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./813/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./813/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./813") = 0 mkdir("./814", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 111.231299][ T5841] loop0: detected capacity change from 0 to 4096 [ 111.239848][ T5841] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5842 attached [pid 5842] chdir("./814") = 0 [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5842] setpgid(0, 0) = 0 [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5842 [pid 5842] write(3, "1000", 4) = 4 [pid 5842] close(3) = 0 [pid 5842] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5842] memfd_create("syzkaller", 0) = 3 [pid 5842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5842] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5842] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5842] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5842] close(3) = 0 [pid 5842] mkdir("./file0", 0777) = 0 [pid 5842] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5842] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5842] chdir("./file0") = 0 [pid 5842] ioctl(4, LOOP_CLR_FD) = 0 [pid 5842] close(4) = 0 [pid 5842] exit_group(0) = ? [pid 5842] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5842, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./814", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./814", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./814/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./814/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./814/binderfs") = 0 umount2("./814/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./814/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./814/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./814/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./814/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./814/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./814") = 0 mkdir("./815", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5843 ./strace-static-x86_64: Process 5843 attached [pid 5843] chdir("./815") = 0 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5843] setpgid(0, 0) = 0 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5843] write(3, "1000", 4) = 4 [pid 5843] close(3) = 0 [pid 5843] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5843] memfd_create("syzkaller", 0) = 3 [ 111.316917][ T5842] loop0: detected capacity change from 0 to 4096 [ 111.324969][ T5842] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5843] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5843] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5843] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5843] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5843] close(3) = 0 [pid 5843] mkdir("./file0", 0777) = 0 [pid 5843] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5843] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5843] chdir("./file0") = 0 [pid 5843] ioctl(4, LOOP_CLR_FD) = 0 [pid 5843] close(4) = 0 [pid 5843] exit_group(0) = ? [pid 5843] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5843, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./815", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./815", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./815/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./815/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./815/binderfs") = 0 umount2("./815/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./815/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./815/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./815/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./815/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./815/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./815") = 0 mkdir("./816", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5844 ./strace-static-x86_64: Process 5844 attached [pid 5844] chdir("./816") = 0 [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5844] setpgid(0, 0) = 0 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5844] write(3, "1000", 4) = 4 [pid 5844] close(3) = 0 [pid 5844] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5844] memfd_create("syzkaller", 0) = 3 [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 111.399415][ T5843] loop0: detected capacity change from 0 to 4096 [ 111.408389][ T5843] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5844] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5844] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5844] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5844] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5844] close(3) = 0 [pid 5844] mkdir("./file0", 0777) = 0 [pid 5844] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5844] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5844] chdir("./file0") = 0 [pid 5844] ioctl(4, LOOP_CLR_FD) = 0 [pid 5844] close(4) = 0 [pid 5844] exit_group(0) = ? [pid 5844] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5844, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./816", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./816", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./816/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./816/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./816/binderfs") = 0 umount2("./816/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./816/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./816/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./816/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./816/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./816/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./816") = 0 mkdir("./817", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5845 ./strace-static-x86_64: Process 5845 attached [pid 5845] chdir("./817") = 0 [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5845] setpgid(0, 0) = 0 [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5845] write(3, "1000", 4) = 4 [pid 5845] close(3) = 0 [pid 5845] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5845] memfd_create("syzkaller", 0) = 3 [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 111.478191][ T5844] loop0: detected capacity change from 0 to 4096 [ 111.486924][ T5844] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5845] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5845] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5845] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5845] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5845] close(3) = 0 [pid 5845] mkdir("./file0", 0777) = 0 [pid 5845] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5845] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5845] chdir("./file0") = 0 [pid 5845] ioctl(4, LOOP_CLR_FD) = 0 [pid 5845] close(4) = 0 [pid 5845] exit_group(0) = ? [pid 5845] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5845, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./817", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./817", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./817/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./817/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./817/binderfs") = 0 umount2("./817/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./817/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./817/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./817/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./817/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./817/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./817") = 0 mkdir("./818", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5846 ./strace-static-x86_64: Process 5846 attached [pid 5846] chdir("./818") = 0 [pid 5846] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5846] setpgid(0, 0) = 0 [pid 5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5846] write(3, "1000", 4) = 4 [pid 5846] close(3) = 0 [ 111.553131][ T5845] loop0: detected capacity change from 0 to 4096 [ 111.561983][ T5845] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5846] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5846] memfd_create("syzkaller", 0) = 3 [pid 5846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5846] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5846] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5846] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5846] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5846] close(3) = 0 [pid 5846] mkdir("./file0", 0777) = 0 [pid 5846] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5846] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5846] chdir("./file0") = 0 [pid 5846] ioctl(4, LOOP_CLR_FD) = 0 [pid 5846] close(4) = 0 [pid 5846] exit_group(0) = ? [pid 5846] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5846, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./818", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./818", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./818/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./818/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./818/binderfs") = 0 umount2("./818/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./818/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./818/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./818/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./818/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./818/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./818") = 0 mkdir("./819", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5847 ./strace-static-x86_64: Process 5847 attached [pid 5847] chdir("./819") = 0 [pid 5847] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5847] setpgid(0, 0) = 0 [pid 5847] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5847] write(3, "1000", 4) = 4 [pid 5847] close(3) = 0 [ 111.634206][ T5846] loop0: detected capacity change from 0 to 4096 [ 111.642658][ T5846] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5847] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5847] memfd_create("syzkaller", 0) = 3 [pid 5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5847] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5847] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5847] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5847] close(3) = 0 [pid 5847] mkdir("./file0", 0777) = 0 [pid 5847] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5847] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5847] chdir("./file0") = 0 [pid 5847] ioctl(4, LOOP_CLR_FD) = 0 [pid 5847] close(4) = 0 [pid 5847] exit_group(0) = ? [pid 5847] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5847, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./819", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./819", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./819/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./819/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./819/binderfs") = 0 umount2("./819/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./819/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./819/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./819/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./819/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./819/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./819") = 0 mkdir("./820", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5848 attached , child_tidptr=0x5555568435d0) = 5848 [pid 5848] chdir("./820") = 0 [pid 5848] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5848] setpgid(0, 0) = 0 [pid 5848] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5848] write(3, "1000", 4) = 4 [pid 5848] close(3) = 0 [pid 5848] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5848] memfd_create("syzkaller", 0) = 3 [pid 5848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 111.716985][ T5847] loop0: detected capacity change from 0 to 4096 [ 111.725246][ T5847] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5848] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5848] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5848] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5848] close(3) = 0 [pid 5848] mkdir("./file0", 0777) = 0 [pid 5848] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5848] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5848] chdir("./file0") = 0 [pid 5848] ioctl(4, LOOP_CLR_FD) = 0 [pid 5848] close(4) = 0 [pid 5848] exit_group(0) = ? [pid 5848] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5848, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./820", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./820", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./820/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./820/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./820/binderfs") = 0 umount2("./820/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./820/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./820/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./820/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./820/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./820/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./820") = 0 mkdir("./821", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5849 ./strace-static-x86_64: Process 5849 attached [pid 5849] chdir("./821") = 0 [pid 5849] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5849] setpgid(0, 0) = 0 [pid 5849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5849] write(3, "1000", 4) = 4 [pid 5849] close(3) = 0 [pid 5849] symlink("/dev/binderfs", "./binderfs") = 0 [ 111.797811][ T5848] loop0: detected capacity change from 0 to 4096 [ 111.805952][ T5848] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5849] memfd_create("syzkaller", 0) = 3 [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5849] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5849] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5849] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5849] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5849] close(3) = 0 [pid 5849] mkdir("./file0", 0777) = 0 [pid 5849] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5849] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5849] chdir("./file0") = 0 [pid 5849] ioctl(4, LOOP_CLR_FD) = 0 [pid 5849] close(4) = 0 [pid 5849] exit_group(0) = ? [pid 5849] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5849, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./821", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./821", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./821/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./821/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./821/binderfs") = 0 umount2("./821/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./821/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./821/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./821/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./821/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./821/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./821") = 0 mkdir("./822", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 111.880366][ T5849] loop0: detected capacity change from 0 to 4096 [ 111.888713][ T5849] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5850 ./strace-static-x86_64: Process 5850 attached [pid 5850] chdir("./822") = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5850] setpgid(0, 0) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5850] write(3, "1000", 4) = 4 [pid 5850] close(3) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5850] memfd_create("syzkaller", 0) = 3 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5850] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5850] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5850] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5850] close(3) = 0 [pid 5850] mkdir("./file0", 0777) = 0 [pid 5850] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5850] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5850] chdir("./file0") = 0 [pid 5850] ioctl(4, LOOP_CLR_FD) = 0 [pid 5850] close(4) = 0 [pid 5850] exit_group(0) = ? [pid 5850] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./822", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./822", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./822/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./822/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./822/binderfs") = 0 umount2("./822/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./822/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./822/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./822/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./822/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./822/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./822") = 0 mkdir("./823", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5851 ./strace-static-x86_64: Process 5851 attached [pid 5851] chdir("./823") = 0 [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5851] setpgid(0, 0) = 0 [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5851] write(3, "1000", 4) = 4 [pid 5851] close(3) = 0 [pid 5851] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5851] memfd_create("syzkaller", 0) = 3 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 111.970613][ T5850] loop0: detected capacity change from 0 to 4096 [ 111.979163][ T5850] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5851] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5851] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5851] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5851] close(3) = 0 [pid 5851] mkdir("./file0", 0777) = 0 [pid 5851] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5851] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5851] chdir("./file0") = 0 [pid 5851] ioctl(4, LOOP_CLR_FD) = 0 [pid 5851] close(4) = 0 [pid 5851] exit_group(0) = ? [pid 5851] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5851, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./823", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./823", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./823/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./823/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./823/binderfs") = 0 umount2("./823/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./823/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./823/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./823/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./823/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./823/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./823") = 0 mkdir("./824", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 112.050440][ T5851] loop0: detected capacity change from 0 to 4096 [ 112.059349][ T5851] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5852 ./strace-static-x86_64: Process 5852 attached [pid 5852] chdir("./824") = 0 [pid 5852] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5852] setpgid(0, 0) = 0 [pid 5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5852] write(3, "1000", 4) = 4 [pid 5852] close(3) = 0 [pid 5852] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5852] memfd_create("syzkaller", 0) = 3 [pid 5852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5852] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5852] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5852] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5852] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5852] close(3) = 0 [pid 5852] mkdir("./file0", 0777) = 0 [pid 5852] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5852] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5852] chdir("./file0") = 0 [pid 5852] ioctl(4, LOOP_CLR_FD) = 0 [pid 5852] close(4) = 0 [pid 5852] exit_group(0) = ? [pid 5852] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5852, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./824", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./824", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./824/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./824/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./824/binderfs") = 0 umount2("./824/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./824/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./824/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./824/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./824/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./824/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./824") = 0 mkdir("./825", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 112.137965][ T5852] loop0: detected capacity change from 0 to 4096 [ 112.146800][ T5852] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5853 ./strace-static-x86_64: Process 5853 attached [pid 5853] chdir("./825") = 0 [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5853] setpgid(0, 0) = 0 [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5853] write(3, "1000", 4) = 4 [pid 5853] close(3) = 0 [pid 5853] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5853] memfd_create("syzkaller", 0) = 3 [pid 5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5853] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5853] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5853] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5853] close(3) = 0 [pid 5853] mkdir("./file0", 0777) = 0 [pid 5853] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5853] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5853] chdir("./file0") = 0 [pid 5853] ioctl(4, LOOP_CLR_FD) = 0 [pid 5853] close(4) = 0 [pid 5853] exit_group(0) = ? [pid 5853] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5853, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./825", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./825", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./825/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./825/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./825/binderfs") = 0 umount2("./825/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./825/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./825/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./825/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./825/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./825/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./825") = 0 mkdir("./826", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 112.225785][ T5853] loop0: detected capacity change from 0 to 4096 [ 112.233794][ T5853] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5854 ./strace-static-x86_64: Process 5854 attached [pid 5854] chdir("./826") = 0 [pid 5854] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5854] setpgid(0, 0) = 0 [pid 5854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "1000", 4) = 4 [pid 5854] close(3) = 0 [pid 5854] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5854] memfd_create("syzkaller", 0) = 3 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5854] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5854] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5854] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5854] close(3) = 0 [pid 5854] mkdir("./file0", 0777) = 0 [pid 5854] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5854] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5854] chdir("./file0") = 0 [pid 5854] ioctl(4, LOOP_CLR_FD) = 0 [pid 5854] close(4) = 0 [pid 5854] exit_group(0) = ? [pid 5854] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5854, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./826", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./826", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./826/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./826/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./826/binderfs") = 0 umount2("./826/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./826/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./826/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./826/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./826/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./826/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./826") = 0 mkdir("./827", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 112.310376][ T5854] loop0: detected capacity change from 0 to 4096 [ 112.318535][ T5854] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5855 attached , child_tidptr=0x5555568435d0) = 5855 [pid 5855] chdir("./827") = 0 [pid 5855] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5855] setpgid(0, 0) = 0 [pid 5855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5855] write(3, "1000", 4) = 4 [pid 5855] close(3) = 0 [pid 5855] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5855] memfd_create("syzkaller", 0) = 3 [pid 5855] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5855] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5855] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5855] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5855] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5855] close(3) = 0 [pid 5855] mkdir("./file0", 0777) = 0 [pid 5855] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5855] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5855] chdir("./file0") = 0 [pid 5855] ioctl(4, LOOP_CLR_FD) = 0 [pid 5855] close(4) = 0 [pid 5855] exit_group(0) = ? [pid 5855] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5855, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./827", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./827", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./827/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./827/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./827/binderfs") = 0 umount2("./827/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./827/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./827/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./827/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./827/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./827/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./827") = 0 mkdir("./828", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5856 ./strace-static-x86_64: Process 5856 attached [pid 5856] chdir("./828") = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5856] setpgid(0, 0) = 0 [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5856] write(3, "1000", 4) = 4 [pid 5856] close(3) = 0 [pid 5856] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5856] memfd_create("syzkaller", 0) = 3 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 112.398112][ T5855] loop0: detected capacity change from 0 to 4096 [ 112.406998][ T5855] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5856] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5856] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5856] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5856] close(3) = 0 [pid 5856] mkdir("./file0", 0777) = 0 [pid 5856] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5856] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5856] chdir("./file0") = 0 [pid 5856] ioctl(4, LOOP_CLR_FD) = 0 [pid 5856] close(4) = 0 [pid 5856] exit_group(0) = ? [pid 5856] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5856, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./828", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./828", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./828/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./828/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./828/binderfs") = 0 umount2("./828/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./828/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./828/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./828/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./828/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./828/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./828") = 0 mkdir("./829", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 112.478256][ T5856] loop0: detected capacity change from 0 to 4096 [ 112.487149][ T5856] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5857 ./strace-static-x86_64: Process 5857 attached [pid 5857] chdir("./829") = 0 [pid 5857] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5857] setpgid(0, 0) = 0 [pid 5857] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5857] write(3, "1000", 4) = 4 [pid 5857] close(3) = 0 [pid 5857] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5857] memfd_create("syzkaller", 0) = 3 [pid 5857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5857] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5857] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5857] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5857] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5857] close(3) = 0 [pid 5857] mkdir("./file0", 0777) = 0 [pid 5857] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5857] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5857] chdir("./file0") = 0 [pid 5857] ioctl(4, LOOP_CLR_FD) = 0 [pid 5857] close(4) = 0 [pid 5857] exit_group(0) = ? [pid 5857] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5857, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./829", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./829", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./829/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./829/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./829/binderfs") = 0 umount2("./829/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./829/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./829/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./829/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./829/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./829/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./829") = 0 mkdir("./830", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5858 ./strace-static-x86_64: Process 5858 attached [pid 5858] chdir("./830") = 0 [pid 5858] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5858] setpgid(0, 0) = 0 [pid 5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5858] write(3, "1000", 4) = 4 [pid 5858] close(3) = 0 [pid 5858] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5858] memfd_create("syzkaller", 0) = 3 [pid 5858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 112.560701][ T5857] loop0: detected capacity change from 0 to 4096 [ 112.569299][ T5857] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5858] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5858] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5858] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5858] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5858] close(3) = 0 [pid 5858] mkdir("./file0", 0777) = 0 [pid 5858] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5858] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5858] chdir("./file0") = 0 [pid 5858] ioctl(4, LOOP_CLR_FD) = 0 [pid 5858] close(4) = 0 [pid 5858] exit_group(0) = ? [pid 5858] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5858, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./830", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./830", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./830/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./830/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./830/binderfs") = 0 umount2("./830/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./830/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./830/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./830/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./830/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./830/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./830") = 0 mkdir("./831", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5859 ./strace-static-x86_64: Process 5859 attached [pid 5859] chdir("./831") = 0 [pid 5859] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5859] setpgid(0, 0) = 0 [pid 5859] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5859] write(3, "1000", 4) = 4 [pid 5859] close(3) = 0 [pid 5859] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5859] memfd_create("syzkaller", 0) = 3 [pid 5859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 112.637264][ T5858] loop0: detected capacity change from 0 to 4096 [ 112.645327][ T5858] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5859] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5859] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5859] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5859] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5859] close(3) = 0 [pid 5859] mkdir("./file0", 0777) = 0 [pid 5859] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5859] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5859] chdir("./file0") = 0 [pid 5859] ioctl(4, LOOP_CLR_FD) = 0 [pid 5859] close(4) = 0 [pid 5859] exit_group(0) = ? [pid 5859] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5859, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./831", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./831", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./831/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./831/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./831/binderfs") = 0 umount2("./831/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./831/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./831/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./831/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./831/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./831/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./831") = 0 mkdir("./832", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5860 ./strace-static-x86_64: Process 5860 attached [pid 5860] chdir("./832") = 0 [pid 5860] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5860] setpgid(0, 0) = 0 [pid 5860] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5860] write(3, "1000", 4) = 4 [pid 5860] close(3) = 0 [pid 5860] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5860] memfd_create("syzkaller", 0) = 3 [ 112.709881][ T5859] loop0: detected capacity change from 0 to 4096 [ 112.718342][ T5859] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5860] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5860] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5860] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5860] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5860] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5860] close(3) = 0 [pid 5860] mkdir("./file0", 0777) = 0 [pid 5860] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5860] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5860] chdir("./file0") = 0 [pid 5860] ioctl(4, LOOP_CLR_FD) = 0 [pid 5860] close(4) = 0 [pid 5860] exit_group(0) = ? [pid 5860] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5860, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./832", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./832", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./832/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./832/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./832/binderfs") = 0 umount2("./832/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./832/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./832/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./832/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./832/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./832/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./832") = 0 mkdir("./833", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5861 ./strace-static-x86_64: Process 5861 attached [pid 5861] chdir("./833") = 0 [pid 5861] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5861] setpgid(0, 0) = 0 [pid 5861] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5861] write(3, "1000", 4) = 4 [pid 5861] close(3) = 0 [pid 5861] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5861] memfd_create("syzkaller", 0) = 3 [pid 5861] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 112.789645][ T5860] loop0: detected capacity change from 0 to 4096 [ 112.798102][ T5860] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5861] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5861] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5861] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5861] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5861] close(3) = 0 [pid 5861] mkdir("./file0", 0777) = 0 [pid 5861] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5861] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5861] chdir("./file0") = 0 [pid 5861] ioctl(4, LOOP_CLR_FD) = 0 [pid 5861] close(4) = 0 [pid 5861] exit_group(0) = ? [pid 5861] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5861, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./833", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./833", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./833/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./833/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./833/binderfs") = 0 umount2("./833/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./833/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./833/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./833/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./833/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./833/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./833") = 0 mkdir("./834", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5862 ./strace-static-x86_64: Process 5862 attached [pid 5862] chdir("./834") = 0 [pid 5862] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5862] setpgid(0, 0) = 0 [pid 5862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5862] write(3, "1000", 4) = 4 [pid 5862] close(3) = 0 [pid 5862] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5862] memfd_create("syzkaller", 0) = 3 [pid 5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 112.871405][ T5861] loop0: detected capacity change from 0 to 4096 [ 112.879933][ T5861] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5862] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5862] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5862] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5862] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5862] close(3) = 0 [pid 5862] mkdir("./file0", 0777) = 0 [pid 5862] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5862] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5862] chdir("./file0") = 0 [pid 5862] ioctl(4, LOOP_CLR_FD) = 0 [pid 5862] close(4) = 0 [pid 5862] exit_group(0) = ? [pid 5862] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5862, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./834", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./834", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./834/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./834/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./834/binderfs") = 0 umount2("./834/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./834/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./834/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./834/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./834/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./834/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./834") = 0 mkdir("./835", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5863 ./strace-static-x86_64: Process 5863 attached [pid 5863] chdir("./835") = 0 [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5863] setpgid(0, 0) = 0 [pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "1000", 4) = 4 [pid 5863] close(3) = 0 [pid 5863] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5863] memfd_create("syzkaller", 0) = 3 [pid 5863] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 112.948425][ T5862] loop0: detected capacity change from 0 to 4096 [ 112.957072][ T5862] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5863] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5863] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5863] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5863] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5863] close(3) = 0 [pid 5863] mkdir("./file0", 0777) = 0 [pid 5863] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5863] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5863] chdir("./file0") = 0 [pid 5863] ioctl(4, LOOP_CLR_FD) = 0 [pid 5863] close(4) = 0 [pid 5863] exit_group(0) = ? [pid 5863] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5863, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./835", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./835", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./835/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./835/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./835/binderfs") = 0 umount2("./835/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./835/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./835/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./835/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./835/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./835/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./835") = 0 mkdir("./836", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5864 ./strace-static-x86_64: Process 5864 attached [pid 5864] chdir("./836") = 0 [pid 5864] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5864] setpgid(0, 0) = 0 [pid 5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5864] write(3, "1000", 4) = 4 [pid 5864] close(3) = 0 [pid 5864] symlink("/dev/binderfs", "./binderfs") = 0 [ 113.030314][ T5863] loop0: detected capacity change from 0 to 4096 [ 113.038881][ T5863] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5864] memfd_create("syzkaller", 0) = 3 [pid 5864] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5864] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5864] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5864] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5864] close(3) = 0 [pid 5864] mkdir("./file0", 0777) = 0 [pid 5864] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5864] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5864] chdir("./file0") = 0 [pid 5864] ioctl(4, LOOP_CLR_FD) = 0 [pid 5864] close(4) = 0 [pid 5864] exit_group(0) = ? [pid 5864] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5864, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./836", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./836", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./836/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./836/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./836/binderfs") = 0 umount2("./836/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./836/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./836/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./836/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./836/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./836/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./836") = 0 mkdir("./837", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5865 [ 113.112806][ T5864] loop0: detected capacity change from 0 to 4096 [ 113.121376][ T5864] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 5865 attached [pid 5865] chdir("./837") = 0 [pid 5865] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] setpgid(0, 0) = 0 [pid 5865] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5865] write(3, "1000", 4) = 4 [pid 5865] close(3) = 0 [pid 5865] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5865] memfd_create("syzkaller", 0) = 3 [pid 5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5865] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5865] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5865] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5865] close(3) = 0 [pid 5865] mkdir("./file0", 0777) = 0 [pid 5865] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5865] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5865] chdir("./file0") = 0 [pid 5865] ioctl(4, LOOP_CLR_FD) = 0 [pid 5865] close(4) = 0 [pid 5865] exit_group(0) = ? [pid 5865] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5865, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./837", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./837", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./837/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./837/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./837/binderfs") = 0 umount2("./837/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./837/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./837/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./837/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./837/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./837/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./837") = 0 mkdir("./838", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 113.201014][ T5865] loop0: detected capacity change from 0 to 4096 [ 113.210330][ T5865] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5866 ./strace-static-x86_64: Process 5866 attached [pid 5866] chdir("./838") = 0 [pid 5866] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5866] setpgid(0, 0) = 0 [pid 5866] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5866] write(3, "1000", 4) = 4 [pid 5866] close(3) = 0 [pid 5866] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5866] memfd_create("syzkaller", 0) = 3 [pid 5866] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5866] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5866] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5866] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5866] close(3) = 0 [pid 5866] mkdir("./file0", 0777) = 0 [pid 5866] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5866] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5866] chdir("./file0") = 0 [pid 5866] ioctl(4, LOOP_CLR_FD) = 0 [pid 5866] close(4) = 0 [pid 5866] exit_group(0) = ? [pid 5866] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5866, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./838", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./838", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./838/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./838/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./838/binderfs") = 0 umount2("./838/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./838/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./838/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./838/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./838/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./838/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./838") = 0 mkdir("./839", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5867 ./strace-static-x86_64: Process 5867 attached [pid 5867] chdir("./839") = 0 [pid 5867] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5867] setpgid(0, 0) = 0 [pid 5867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5867] write(3, "1000", 4) = 4 [pid 5867] close(3) = 0 [pid 5867] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5867] memfd_create("syzkaller", 0) = 3 [pid 5867] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 113.285621][ T5866] loop0: detected capacity change from 0 to 4096 [ 113.294275][ T5866] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5867] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5867] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5867] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5867] close(3) = 0 [pid 5867] mkdir("./file0", 0777) = 0 [pid 5867] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5867] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5867] chdir("./file0") = 0 [pid 5867] ioctl(4, LOOP_CLR_FD) = 0 [pid 5867] close(4) = 0 [pid 5867] exit_group(0) = ? [pid 5867] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5867, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./839", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./839", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./839/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./839/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./839/binderfs") = 0 umount2("./839/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./839/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./839/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./839/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./839/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./839/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./839") = 0 [ 113.360323][ T5867] loop0: detected capacity change from 0 to 4096 [ 113.369062][ T5867] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./840", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5868 ./strace-static-x86_64: Process 5868 attached [pid 5868] chdir("./840") = 0 [pid 5868] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5868] setpgid(0, 0) = 0 [pid 5868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5868] write(3, "1000", 4) = 4 [pid 5868] close(3) = 0 [pid 5868] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5868] memfd_create("syzkaller", 0) = 3 [pid 5868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5868] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5868] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5868] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5868] close(3) = 0 [pid 5868] mkdir("./file0", 0777) = 0 [pid 5868] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5868] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] chdir("./file0") = 0 [pid 5868] ioctl(4, LOOP_CLR_FD) = 0 [pid 5868] close(4) = 0 [pid 5868] exit_group(0) = ? [pid 5868] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5868, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./840", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./840", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./840/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./840/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./840/binderfs") = 0 umount2("./840/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./840/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./840/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./840/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./840/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./840/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./840") = 0 mkdir("./841", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5869 ./strace-static-x86_64: Process 5869 attached [pid 5869] chdir("./841") = 0 [pid 5869] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5869] setpgid(0, 0) = 0 [pid 5869] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5869] write(3, "1000", 4) = 4 [pid 5869] close(3) = 0 [pid 5869] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5869] memfd_create("syzkaller", 0) = 3 [pid 5869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 113.452328][ T5868] loop0: detected capacity change from 0 to 4096 [ 113.460898][ T5868] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5869] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5869] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5869] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5869] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5869] close(3) = 0 [pid 5869] mkdir("./file0", 0777) = 0 [pid 5869] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5869] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5869] chdir("./file0") = 0 [pid 5869] ioctl(4, LOOP_CLR_FD) = 0 [pid 5869] close(4) = 0 [pid 5869] exit_group(0) = ? [pid 5869] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5869, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./841", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./841", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./841/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./841/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./841/binderfs") = 0 umount2("./841/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./841/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./841/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./841/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./841/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./841/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./841") = 0 mkdir("./842", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5870 ./strace-static-x86_64: Process 5870 attached [pid 5870] chdir("./842") = 0 [pid 5870] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5870] setpgid(0, 0) = 0 [pid 5870] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5870] write(3, "1000", 4) = 4 [pid 5870] close(3) = 0 [pid 5870] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5870] memfd_create("syzkaller", 0) = 3 [pid 5870] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 113.542945][ T5869] loop0: detected capacity change from 0 to 4096 [ 113.551153][ T5869] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5870] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5870] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5870] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5870] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5870] close(3) = 0 [pid 5870] mkdir("./file0", 0777) = 0 [pid 5870] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5870] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5870] chdir("./file0") = 0 [pid 5870] ioctl(4, LOOP_CLR_FD) = 0 [pid 5870] close(4) = 0 [pid 5870] exit_group(0) = ? [pid 5870] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5870, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./842", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./842", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./842/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./842/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./842/binderfs") = 0 umount2("./842/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./842/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./842/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./842/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./842/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./842/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./842") = 0 mkdir("./843", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5871 attached , child_tidptr=0x5555568435d0) = 5871 [pid 5871] chdir("./843") = 0 [pid 5871] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5871] setpgid(0, 0) = 0 [pid 5871] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5871] write(3, "1000", 4) = 4 [pid 5871] close(3) = 0 [pid 5871] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5871] memfd_create("syzkaller", 0) = 3 [pid 5871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 113.616437][ T5870] loop0: detected capacity change from 0 to 4096 [ 113.625030][ T5870] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5871] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5871] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5871] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5871] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5871] close(3) = 0 [pid 5871] mkdir("./file0", 0777) = 0 [pid 5871] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5871] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5871] chdir("./file0") = 0 [pid 5871] ioctl(4, LOOP_CLR_FD) = 0 [pid 5871] close(4) = 0 [pid 5871] exit_group(0) = ? [pid 5871] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5871, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./843", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./843", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./843/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./843/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./843/binderfs") = 0 umount2("./843/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./843/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./843/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./843/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./843/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./843/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./843") = 0 mkdir("./844", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5872 ./strace-static-x86_64: Process 5872 attached [ 113.694441][ T5871] loop0: detected capacity change from 0 to 4096 [ 113.703329][ T5871] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5872] chdir("./844") = 0 [pid 5872] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5872] setpgid(0, 0) = 0 [pid 5872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5872] write(3, "1000", 4) = 4 [pid 5872] close(3) = 0 [pid 5872] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5872] memfd_create("syzkaller", 0) = 3 [pid 5872] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5872] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5872] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5872] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5872] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5872] close(3) = 0 [pid 5872] mkdir("./file0", 0777) = 0 [pid 5872] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5872] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5872] chdir("./file0") = 0 [pid 5872] ioctl(4, LOOP_CLR_FD) = 0 [pid 5872] close(4) = 0 [pid 5872] exit_group(0) = ? [pid 5872] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5872, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./844", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./844", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./844/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./844/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./844/binderfs") = 0 umount2("./844/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./844/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./844/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./844/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./844/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./844/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./844") = 0 mkdir("./845", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 113.782201][ T5872] loop0: detected capacity change from 0 to 4096 [ 113.790381][ T5872] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5873 attached [pid 5873] chdir("./845") = 0 [pid 5873] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5873] setpgid(0, 0) = 0 [pid 5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5873] write(3, "1000", 4) = 4 [pid 5873] close(3) = 0 [pid 5873] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5873 [pid 5873] memfd_create("syzkaller", 0) = 3 [pid 5873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5873] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5873] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5873] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5873] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5873] close(3) = 0 [pid 5873] mkdir("./file0", 0777) = 0 [pid 5873] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5873] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5873] chdir("./file0") = 0 [pid 5873] ioctl(4, LOOP_CLR_FD) = 0 [pid 5873] close(4) = 0 [pid 5873] exit_group(0) = ? [pid 5873] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5873, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./845", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./845", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./845/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./845/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./845/binderfs") = 0 umount2("./845/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./845/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./845/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./845/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./845/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./845/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./845") = 0 mkdir("./846", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5874 ./strace-static-x86_64: Process 5874 attached [pid 5874] chdir("./846") = 0 [pid 5874] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5874] setpgid(0, 0) = 0 [pid 5874] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5874] write(3, "1000", 4) = 4 [pid 5874] close(3) = 0 [pid 5874] symlink("/dev/binderfs", "./binderfs") = 0 [ 113.869114][ T5873] loop0: detected capacity change from 0 to 4096 [ 113.877996][ T5873] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5874] memfd_create("syzkaller", 0) = 3 [pid 5874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5874] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5874] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5874] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5874] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5874] close(3) = 0 [pid 5874] mkdir("./file0", 0777) = 0 [pid 5874] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5874] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5874] chdir("./file0") = 0 [pid 5874] ioctl(4, LOOP_CLR_FD) = 0 [pid 5874] close(4) = 0 [pid 5874] exit_group(0) = ? [pid 5874] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5874, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./846", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./846", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./846/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./846/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./846/binderfs") = 0 umount2("./846/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./846/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./846/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./846/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./846/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./846/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./846") = 0 [ 113.950078][ T5874] loop0: detected capacity change from 0 to 4096 [ 113.958756][ T5874] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./847", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5875 ./strace-static-x86_64: Process 5875 attached [pid 5875] chdir("./847") = 0 [pid 5875] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5875] setpgid(0, 0) = 0 [pid 5875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5875] write(3, "1000", 4) = 4 [pid 5875] close(3) = 0 [pid 5875] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5875] memfd_create("syzkaller", 0) = 3 [pid 5875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5875] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5875] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5875] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5875] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5875] close(3) = 0 [pid 5875] mkdir("./file0", 0777) = 0 [pid 5875] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5875] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5875] chdir("./file0") = 0 [pid 5875] ioctl(4, LOOP_CLR_FD) = 0 [pid 5875] close(4) = 0 [pid 5875] exit_group(0) = ? [pid 5875] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5875, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./847", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./847", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./847/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./847/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./847/binderfs") = 0 umount2("./847/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./847/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./847/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./847/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./847/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./847/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./847") = 0 mkdir("./848", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5876 ./strace-static-x86_64: Process 5876 attached [pid 5876] chdir("./848") = 0 [pid 5876] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5876] setpgid(0, 0) = 0 [pid 5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "1000", 4) = 4 [pid 5876] close(3) = 0 [ 114.043869][ T5875] loop0: detected capacity change from 0 to 4096 [ 114.052345][ T5875] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5876] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5876] memfd_create("syzkaller", 0) = 3 [pid 5876] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5876] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5876] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5876] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5876] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5876] close(3) = 0 [pid 5876] mkdir("./file0", 0777) = 0 [pid 5876] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5876] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5876] chdir("./file0") = 0 [pid 5876] ioctl(4, LOOP_CLR_FD) = 0 [pid 5876] close(4) = 0 [pid 5876] exit_group(0) = ? [pid 5876] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5876, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./848", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./848", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./848/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./848/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./848/binderfs") = 0 umount2("./848/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./848/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./848/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./848/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./848/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./848/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./848") = 0 mkdir("./849", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5877 attached [pid 5877] chdir("./849") = 0 [pid 5877] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5877] setpgid(0, 0) = 0 [pid 5877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5877] write(3, "1000", 4) = 4 [pid 5877] close(3) = 0 [pid 5877] symlink("/dev/binderfs", "./binderfs" [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5877 [pid 5877] <... symlink resumed>) = 0 [pid 5877] memfd_create("syzkaller", 0) = 3 [pid 5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 114.124078][ T5876] loop0: detected capacity change from 0 to 4096 [ 114.133107][ T5876] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5877] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5877] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5877] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5877] close(3) = 0 [pid 5877] mkdir("./file0", 0777) = 0 [pid 5877] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5877] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5877] chdir("./file0") = 0 [pid 5877] ioctl(4, LOOP_CLR_FD) = 0 [pid 5877] close(4) = 0 [pid 5877] exit_group(0) = ? [pid 5877] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5877, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./849", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./849", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./849/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./849/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./849/binderfs") = 0 umount2("./849/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./849/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./849/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./849/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./849/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./849/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./849") = 0 [ 114.203505][ T5877] loop0: detected capacity change from 0 to 4096 [ 114.212527][ T5877] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./850", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5878 ./strace-static-x86_64: Process 5878 attached [pid 5878] chdir("./850") = 0 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5878] setpgid(0, 0) = 0 [pid 5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "1000", 4) = 4 [pid 5878] close(3) = 0 [pid 5878] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5878] memfd_create("syzkaller", 0) = 3 [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5878] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5878] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5878] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5878] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5878] close(3) = 0 [pid 5878] mkdir("./file0", 0777) = 0 [pid 5878] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5878] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5878] chdir("./file0") = 0 [pid 5878] ioctl(4, LOOP_CLR_FD) = 0 [pid 5878] close(4) = 0 [pid 5878] exit_group(0) = ? [pid 5878] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5878, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./850", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./850", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./850/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./850/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./850/binderfs") = 0 umount2("./850/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./850/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./850/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./850/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./850/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./850/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./850") = 0 mkdir("./851", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5879 attached , child_tidptr=0x5555568435d0) = 5879 [pid 5879] chdir("./851") = 0 [pid 5879] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5879] setpgid(0, 0) = 0 [pid 5879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5879] write(3, "1000", 4) = 4 [pid 5879] close(3) = 0 [pid 5879] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5879] memfd_create("syzkaller", 0) = 3 [pid 5879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 114.297246][ T5878] loop0: detected capacity change from 0 to 4096 [ 114.305304][ T5878] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5879] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5879] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5879] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5879] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5879] close(3) = 0 [pid 5879] mkdir("./file0", 0777) = 0 [pid 5879] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5879] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5879] chdir("./file0") = 0 [pid 5879] ioctl(4, LOOP_CLR_FD) = 0 [pid 5879] close(4) = 0 [pid 5879] exit_group(0) = ? [pid 5879] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5879, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./851", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./851", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./851/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./851/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./851/binderfs") = 0 umount2("./851/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./851/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./851/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./851/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./851/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./851/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./851") = 0 mkdir("./852", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5880 ./strace-static-x86_64: Process 5880 attached [pid 5880] chdir("./852") = 0 [pid 5880] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5880] setpgid(0, 0) = 0 [pid 5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5880] write(3, "1000", 4) = 4 [pid 5880] close(3) = 0 [pid 5880] symlink("/dev/binderfs", "./binderfs") = 0 [ 114.376662][ T5879] loop0: detected capacity change from 0 to 4096 [ 114.384844][ T5879] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5880] memfd_create("syzkaller", 0) = 3 [pid 5880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5880] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5880] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5880] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5880] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5880] close(3) = 0 [pid 5880] mkdir("./file0", 0777) = 0 [pid 5880] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5880] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5880] chdir("./file0") = 0 [pid 5880] ioctl(4, LOOP_CLR_FD) = 0 [pid 5880] close(4) = 0 [pid 5880] exit_group(0) = ? [pid 5880] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5880, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./852", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./852", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./852/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./852/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./852/binderfs") = 0 umount2("./852/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./852/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./852/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./852/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./852/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./852/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./852") = 0 mkdir("./853", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 114.462197][ T5880] loop0: detected capacity change from 0 to 4096 [ 114.471424][ T5880] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5881 attached , child_tidptr=0x5555568435d0) = 5881 [pid 5881] chdir("./853") = 0 [pid 5881] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5881] setpgid(0, 0) = 0 [pid 5881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5881] write(3, "1000", 4) = 4 [pid 5881] close(3) = 0 [pid 5881] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5881] memfd_create("syzkaller", 0) = 3 [pid 5881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5881] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5881] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5881] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5881] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5881] close(3) = 0 [pid 5881] mkdir("./file0", 0777) = 0 [pid 5881] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5881] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5881] chdir("./file0") = 0 [pid 5881] ioctl(4, LOOP_CLR_FD) = 0 [pid 5881] close(4) = 0 [pid 5881] exit_group(0) = ? [pid 5881] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5881, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./853", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./853", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./853/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./853/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./853/binderfs") = 0 umount2("./853/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./853/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./853/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./853/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./853/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./853/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./853") = 0 mkdir("./854", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5882 ./strace-static-x86_64: Process 5882 attached [pid 5882] chdir("./854") = 0 [pid 5882] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5882] setpgid(0, 0) = 0 [pid 5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 114.549144][ T5881] loop0: detected capacity change from 0 to 4096 [ 114.557197][ T5881] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5882] write(3, "1000", 4) = 4 [pid 5882] close(3) = 0 [pid 5882] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5882] memfd_create("syzkaller", 0) = 3 [pid 5882] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5882] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5882] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5882] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5882] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5882] close(3) = 0 [pid 5882] mkdir("./file0", 0777) = 0 [pid 5882] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5882] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5882] chdir("./file0") = 0 [pid 5882] ioctl(4, LOOP_CLR_FD) = 0 [pid 5882] close(4) = 0 [pid 5882] exit_group(0) = ? [pid 5882] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5882, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./854", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./854", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./854/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./854/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./854/binderfs") = 0 umount2("./854/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./854/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./854/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./854/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./854/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./854/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./854") = 0 mkdir("./855", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5883 ./strace-static-x86_64: Process 5883 attached [pid 5883] chdir("./855") = 0 [pid 5883] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5883] setpgid(0, 0) = 0 [pid 5883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5883] write(3, "1000", 4) = 4 [pid 5883] close(3) = 0 [pid 5883] symlink("/dev/binderfs", "./binderfs") = 0 [ 114.635274][ T5882] loop0: detected capacity change from 0 to 4096 [ 114.643858][ T5882] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5883] memfd_create("syzkaller", 0) = 3 [pid 5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5883] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5883] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5883] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5883] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5883] close(3) = 0 [pid 5883] mkdir("./file0", 0777) = 0 [pid 5883] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5883] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5883] chdir("./file0") = 0 [pid 5883] ioctl(4, LOOP_CLR_FD) = 0 [pid 5883] close(4) = 0 [pid 5883] exit_group(0) = ? [pid 5883] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5883, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./855", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./855", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./855/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./855/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./855/binderfs") = 0 umount2("./855/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./855/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./855/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./855/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./855/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./855/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./855") = 0 mkdir("./856", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5884 ./strace-static-x86_64: Process 5884 attached [pid 5884] chdir("./856") = 0 [pid 5884] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5884] setpgid(0, 0) = 0 [pid 5884] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5884] write(3, "1000", 4) = 4 [pid 5884] close(3) = 0 [pid 5884] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5884] memfd_create("syzkaller", 0) = 3 [pid 5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 114.718085][ T5883] loop0: detected capacity change from 0 to 4096 [ 114.726605][ T5883] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5884] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5884] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5884] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5884] close(3) = 0 [pid 5884] mkdir("./file0", 0777) = 0 [pid 5884] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5884] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5884] chdir("./file0") = 0 [pid 5884] ioctl(4, LOOP_CLR_FD) = 0 [pid 5884] close(4) = 0 [pid 5884] exit_group(0) = ? [pid 5884] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5884, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./856", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./856", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./856/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./856/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./856/binderfs") = 0 umount2("./856/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./856/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./856/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./856/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./856/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./856/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./856") = 0 mkdir("./857", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5885 ./strace-static-x86_64: Process 5885 attached [pid 5885] chdir("./857") = 0 [pid 5885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5885] setpgid(0, 0) = 0 [pid 5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 114.795297][ T5884] loop0: detected capacity change from 0 to 4096 [ 114.804205][ T5884] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5885] write(3, "1000", 4) = 4 [pid 5885] close(3) = 0 [pid 5885] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5885] memfd_create("syzkaller", 0) = 3 [pid 5885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5885] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5885] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5885] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5885] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5885] close(3) = 0 [pid 5885] mkdir("./file0", 0777) = 0 [pid 5885] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5885] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5885] chdir("./file0") = 0 [pid 5885] ioctl(4, LOOP_CLR_FD) = 0 [pid 5885] close(4) = 0 [pid 5885] exit_group(0) = ? [pid 5885] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5885, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./857", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./857", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./857/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./857/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./857/binderfs") = 0 umount2("./857/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./857/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./857/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./857/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./857/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./857/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 114.881352][ T5885] loop0: detected capacity change from 0 to 4096 [ 114.890793][ T5885] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./857") = 0 mkdir("./858", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5886 attached [pid 5886] chdir("./858") = 0 [pid 5886] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5886] setpgid(0, 0) = 0 [pid 5886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5886 [pid 5886] write(3, "1000", 4) = 4 [pid 5886] close(3) = 0 [pid 5886] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5886] memfd_create("syzkaller", 0) = 3 [pid 5886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5886] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5886] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5886] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5886] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5886] close(3) = 0 [pid 5886] mkdir("./file0", 0777) = 0 [pid 5886] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5886] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5886] chdir("./file0") = 0 [pid 5886] ioctl(4, LOOP_CLR_FD) = 0 [pid 5886] close(4) = 0 [pid 5886] exit_group(0) = ? [pid 5886] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5886, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./858", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./858", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./858/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./858/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./858/binderfs") = 0 umount2("./858/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./858/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./858/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./858/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./858/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./858/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 114.974376][ T5886] loop0: detected capacity change from 0 to 4096 [ 114.982905][ T5886] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./858") = 0 mkdir("./859", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5887 ./strace-static-x86_64: Process 5887 attached [pid 5887] chdir("./859") = 0 [pid 5887] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5887] setpgid(0, 0) = 0 [pid 5887] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5887] write(3, "1000", 4) = 4 [pid 5887] close(3) = 0 [pid 5887] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5887] memfd_create("syzkaller", 0) = 3 [pid 5887] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5887] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5887] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5887] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5887] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5887] close(3) = 0 [pid 5887] mkdir("./file0", 0777) = 0 [pid 5887] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5887] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5887] chdir("./file0") = 0 [pid 5887] ioctl(4, LOOP_CLR_FD) = 0 [pid 5887] close(4) = 0 [pid 5887] exit_group(0) = ? [pid 5887] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5887, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./859", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./859", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./859/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./859/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./859/binderfs") = 0 umount2("./859/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./859/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./859/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./859/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./859/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./859/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./859") = 0 [ 115.065204][ T5887] loop0: detected capacity change from 0 to 4096 [ 115.074216][ T5887] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./860", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5888 ./strace-static-x86_64: Process 5888 attached [pid 5888] chdir("./860") = 0 [pid 5888] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5888] setpgid(0, 0) = 0 [pid 5888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5888] write(3, "1000", 4) = 4 [pid 5888] close(3) = 0 [pid 5888] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5888] memfd_create("syzkaller", 0) = 3 [pid 5888] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5888] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5888] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5888] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5888] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5888] close(3) = 0 [pid 5888] mkdir("./file0", 0777) = 0 [pid 5888] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5888] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5888] chdir("./file0") = 0 [pid 5888] ioctl(4, LOOP_CLR_FD) = 0 [pid 5888] close(4) = 0 [pid 5888] exit_group(0) = ? [pid 5888] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5888, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./860", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./860", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./860/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./860/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./860/binderfs") = 0 umount2("./860/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./860/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./860/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./860/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./860/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./860/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./860") = 0 mkdir("./861", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5889 ./strace-static-x86_64: Process 5889 attached [pid 5889] chdir("./861") = 0 [pid 5889] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5889] setpgid(0, 0) = 0 [pid 5889] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5889] write(3, "1000", 4) = 4 [pid 5889] close(3) = 0 [pid 5889] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5889] memfd_create("syzkaller", 0) = 3 [pid 5889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 115.161110][ T5888] loop0: detected capacity change from 0 to 4096 [ 115.169520][ T5888] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5889] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5889] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5889] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5889] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5889] close(3) = 0 [pid 5889] mkdir("./file0", 0777) = 0 [pid 5889] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5889] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5889] chdir("./file0") = 0 [pid 5889] ioctl(4, LOOP_CLR_FD) = 0 [pid 5889] close(4) = 0 [pid 5889] exit_group(0) = ? [pid 5889] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5889, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./861", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./861", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./861/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./861/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./861/binderfs") = 0 umount2("./861/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./861/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./861/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./861/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./861/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./861/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./861") = 0 mkdir("./862", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5890 ./strace-static-x86_64: Process 5890 attached [pid 5890] chdir("./862") = 0 [pid 5890] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5890] setpgid(0, 0) = 0 [pid 5890] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5890] write(3, "1000", 4) = 4 [pid 5890] close(3) = 0 [pid 5890] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5890] memfd_create("syzkaller", 0) = 3 [pid 5890] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 115.240766][ T5889] loop0: detected capacity change from 0 to 4096 [ 115.249529][ T5889] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5890] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5890] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5890] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5890] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5890] close(3) = 0 [pid 5890] mkdir("./file0", 0777) = 0 [pid 5890] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5890] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5890] chdir("./file0") = 0 [pid 5890] ioctl(4, LOOP_CLR_FD) = 0 [pid 5890] close(4) = 0 [pid 5890] exit_group(0) = ? [pid 5890] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5890, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./862", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./862", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./862/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./862/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./862/binderfs") = 0 umount2("./862/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./862/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./862/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./862/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./862/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./862/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./862") = 0 mkdir("./863", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 115.322148][ T5890] loop0: detected capacity change from 0 to 4096 [ 115.330555][ T5890] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5891 ./strace-static-x86_64: Process 5891 attached [pid 5891] chdir("./863") = 0 [pid 5891] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5891] setpgid(0, 0) = 0 [pid 5891] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5891] write(3, "1000", 4) = 4 [pid 5891] close(3) = 0 [pid 5891] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5891] memfd_create("syzkaller", 0) = 3 [pid 5891] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5891] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5891] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5891] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5891] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5891] close(3) = 0 [pid 5891] mkdir("./file0", 0777) = 0 [pid 5891] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5891] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5891] chdir("./file0") = 0 [pid 5891] ioctl(4, LOOP_CLR_FD) = 0 [pid 5891] close(4) = 0 [pid 5891] exit_group(0) = ? [pid 5891] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5891, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./863", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./863", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./863/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./863/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./863/binderfs") = 0 [ 115.414321][ T5891] loop0: detected capacity change from 0 to 4096 [ 115.423078][ T5891] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). umount2("./863/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./863/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./863/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./863/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./863/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./863/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./863") = 0 mkdir("./864", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5892 ./strace-static-x86_64: Process 5892 attached [pid 5892] chdir("./864") = 0 [pid 5892] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5892] setpgid(0, 0) = 0 [pid 5892] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5892] write(3, "1000", 4) = 4 [pid 5892] close(3) = 0 [pid 5892] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5892] memfd_create("syzkaller", 0) = 3 [pid 5892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5892] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5892] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5892] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5892] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5892] close(3) = 0 [pid 5892] mkdir("./file0", 0777) = 0 [pid 5892] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5892] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5892] chdir("./file0") = 0 [pid 5892] ioctl(4, LOOP_CLR_FD) = 0 [pid 5892] close(4) = 0 [pid 5892] exit_group(0) = ? [pid 5892] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5892, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./864", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./864", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./864/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./864/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./864/binderfs") = 0 umount2("./864/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./864/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./864/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./864/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./864/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./864/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./864") = 0 mkdir("./865", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5893 ./strace-static-x86_64: Process 5893 attached [pid 5893] chdir("./865") = 0 [pid 5893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5893] setpgid(0, 0) = 0 [pid 5893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5893] write(3, "1000", 4) = 4 [pid 5893] close(3) = 0 [pid 5893] symlink("/dev/binderfs", "./binderfs") = 0 [ 115.509184][ T5892] loop0: detected capacity change from 0 to 4096 [ 115.517751][ T5892] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5893] memfd_create("syzkaller", 0) = 3 [pid 5893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5893] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5893] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5893] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5893] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5893] close(3) = 0 [pid 5893] mkdir("./file0", 0777) = 0 [pid 5893] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5893] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5893] chdir("./file0") = 0 [pid 5893] ioctl(4, LOOP_CLR_FD) = 0 [pid 5893] close(4) = 0 [pid 5893] exit_group(0) = ? [pid 5893] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5893, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./865", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./865", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./865/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./865/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./865/binderfs") = 0 umount2("./865/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./865/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./865/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./865/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./865/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./865/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./865") = 0 mkdir("./866", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5894 ./strace-static-x86_64: Process 5894 attached [pid 5894] chdir("./866") = 0 [pid 5894] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5894] setpgid(0, 0) = 0 [pid 5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5894] write(3, "1000", 4) = 4 [pid 5894] close(3) = 0 [ 115.592112][ T5893] loop0: detected capacity change from 0 to 4096 [ 115.600805][ T5893] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5894] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5894] memfd_create("syzkaller", 0) = 3 [pid 5894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5894] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5894] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5894] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5894] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5894] close(3) = 0 [pid 5894] mkdir("./file0", 0777) = 0 [pid 5894] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5894] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5894] chdir("./file0") = 0 [pid 5894] ioctl(4, LOOP_CLR_FD) = 0 [pid 5894] close(4) = 0 [pid 5894] exit_group(0) = ? [pid 5894] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5894, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./866", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./866", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./866/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./866/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./866/binderfs") = 0 umount2("./866/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./866/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./866/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./866/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./866/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./866/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./866") = 0 mkdir("./867", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5895 ./strace-static-x86_64: Process 5895 attached [pid 5895] chdir("./867") = 0 [pid 5895] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5895] setpgid(0, 0) = 0 [pid 5895] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5895] write(3, "1000", 4) = 4 [pid 5895] close(3) = 0 [pid 5895] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5895] memfd_create("syzkaller", 0) = 3 [pid 5895] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 115.680470][ T5894] loop0: detected capacity change from 0 to 4096 [ 115.689137][ T5894] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5895] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5895] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5895] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5895] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5895] close(3) = 0 [pid 5895] mkdir("./file0", 0777) = 0 [pid 5895] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5895] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5895] chdir("./file0") = 0 [pid 5895] ioctl(4, LOOP_CLR_FD) = 0 [pid 5895] close(4) = 0 [pid 5895] exit_group(0) = ? [pid 5895] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5895, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./867", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./867", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./867/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./867/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./867/binderfs") = 0 umount2("./867/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./867/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./867/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./867/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./867/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./867/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./867") = 0 mkdir("./868", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 115.760930][ T5895] loop0: detected capacity change from 0 to 4096 [ 115.769901][ T5895] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5896 attached , child_tidptr=0x5555568435d0) = 5896 [pid 5896] chdir("./868") = 0 [pid 5896] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5896] setpgid(0, 0) = 0 [pid 5896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5896] write(3, "1000", 4) = 4 [pid 5896] close(3) = 0 [pid 5896] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5896] memfd_create("syzkaller", 0) = 3 [pid 5896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5896] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5896] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5896] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5896] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5896] close(3) = 0 [pid 5896] mkdir("./file0", 0777) = 0 [pid 5896] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5896] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5896] chdir("./file0") = 0 [pid 5896] ioctl(4, LOOP_CLR_FD) = 0 [pid 5896] close(4) = 0 [pid 5896] exit_group(0) = ? [pid 5896] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5896, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./868", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./868", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./868/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./868/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./868/binderfs") = 0 umount2("./868/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./868/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./868/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./868/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./868/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./868/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./868") = 0 mkdir("./869", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 115.851795][ T5896] loop0: detected capacity change from 0 to 4096 [ 115.860214][ T5896] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5897 ./strace-static-x86_64: Process 5897 attached [pid 5897] chdir("./869") = 0 [pid 5897] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5897] setpgid(0, 0) = 0 [pid 5897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5897] write(3, "1000", 4) = 4 [pid 5897] close(3) = 0 [pid 5897] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5897] memfd_create("syzkaller", 0) = 3 [pid 5897] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5897] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5897] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5897] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5897] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5897] close(3) = 0 [pid 5897] mkdir("./file0", 0777) = 0 [pid 5897] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5897] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5897] chdir("./file0") = 0 [pid 5897] ioctl(4, LOOP_CLR_FD) = 0 [pid 5897] close(4) = 0 [pid 5897] exit_group(0) = ? [pid 5897] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5897, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./869", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./869", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./869/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./869/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./869/binderfs") = 0 umount2("./869/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./869/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./869/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./869/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./869/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./869/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./869") = 0 mkdir("./870", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5898 ./strace-static-x86_64: Process 5898 attached [pid 5898] chdir("./870") = 0 [pid 5898] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5898] setpgid(0, 0) = 0 [pid 5898] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5898] write(3, "1000", 4) = 4 [pid 5898] close(3) = 0 [pid 5898] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5898] memfd_create("syzkaller", 0) = 3 [pid 5898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 115.933579][ T5897] loop0: detected capacity change from 0 to 4096 [ 115.942134][ T5897] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5898] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5898] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5898] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5898] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5898] close(3) = 0 [pid 5898] mkdir("./file0", 0777) = 0 [pid 5898] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5898] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5898] chdir("./file0") = 0 [pid 5898] ioctl(4, LOOP_CLR_FD) = 0 [pid 5898] close(4) = 0 [pid 5898] exit_group(0) = ? [pid 5898] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5898, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./870", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./870", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./870/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./870/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./870/binderfs") = 0 umount2("./870/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./870/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./870/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./870/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./870/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./870/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./870") = 0 mkdir("./871", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 116.011318][ T5898] loop0: detected capacity change from 0 to 4096 [ 116.020330][ T5898] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5899 attached , child_tidptr=0x5555568435d0) = 5899 [pid 5899] chdir("./871") = 0 [pid 5899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5899] setpgid(0, 0) = 0 [pid 5899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5899] write(3, "1000", 4) = 4 [pid 5899] close(3) = 0 [pid 5899] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5899] memfd_create("syzkaller", 0) = 3 [pid 5899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5899] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5899] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5899] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5899] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5899] close(3) = 0 [pid 5899] mkdir("./file0", 0777) = 0 [pid 5899] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5899] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5899] chdir("./file0") = 0 [pid 5899] ioctl(4, LOOP_CLR_FD) = 0 [pid 5899] close(4) = 0 [pid 5899] exit_group(0) = ? [pid 5899] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5899, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./871", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./871", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./871/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./871/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./871/binderfs") = 0 umount2("./871/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./871/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./871/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./871/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./871/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./871/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./871") = 0 mkdir("./872", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5900 ./strace-static-x86_64: Process 5900 attached [pid 5900] chdir("./872") = 0 [pid 5900] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5900] setpgid(0, 0) = 0 [pid 5900] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5900] write(3, "1000", 4) = 4 [pid 5900] close(3) = 0 [pid 5900] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5900] memfd_create("syzkaller", 0) = 3 [ 116.099342][ T5899] loop0: detected capacity change from 0 to 4096 [ 116.107541][ T5899] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5900] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5900] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5900] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5900] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5900] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5900] close(3) = 0 [pid 5900] mkdir("./file0", 0777) = 0 [pid 5900] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5900] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5900] chdir("./file0") = 0 [pid 5900] ioctl(4, LOOP_CLR_FD) = 0 [pid 5900] close(4) = 0 [pid 5900] exit_group(0) = ? [pid 5900] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5900, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./872", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./872", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./872/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./872/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./872/binderfs") = 0 umount2("./872/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./872/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./872/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./872/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./872/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./872/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./872") = 0 mkdir("./873", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5901 ./strace-static-x86_64: Process 5901 attached [pid 5901] chdir("./873") = 0 [pid 5901] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5901] setpgid(0, 0) = 0 [ 116.180083][ T5900] loop0: detected capacity change from 0 to 4096 [ 116.188536][ T5900] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5901] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5901] write(3, "1000", 4) = 4 [pid 5901] close(3) = 0 [pid 5901] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5901] memfd_create("syzkaller", 0) = 3 [pid 5901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5901] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5901] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5901] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5901] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5901] close(3) = 0 [pid 5901] mkdir("./file0", 0777) = 0 [pid 5901] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5901] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5901] chdir("./file0") = 0 [pid 5901] ioctl(4, LOOP_CLR_FD) = 0 [pid 5901] close(4) = 0 [pid 5901] exit_group(0) = ? [pid 5901] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5901, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./873", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./873", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./873/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./873/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./873/binderfs") = 0 umount2("./873/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./873/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./873/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./873/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./873/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./873/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./873") = 0 mkdir("./874", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 116.264578][ T5901] loop0: detected capacity change from 0 to 4096 [ 116.273461][ T5901] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5902 ./strace-static-x86_64: Process 5902 attached [pid 5902] chdir("./874") = 0 [pid 5902] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5902] setpgid(0, 0) = 0 [pid 5902] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5902] write(3, "1000", 4) = 4 [pid 5902] close(3) = 0 [pid 5902] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5902] memfd_create("syzkaller", 0) = 3 [pid 5902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5902] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5902] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5902] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5902] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5902] close(3) = 0 [pid 5902] mkdir("./file0", 0777) = 0 [pid 5902] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5902] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5902] chdir("./file0") = 0 [pid 5902] ioctl(4, LOOP_CLR_FD) = 0 [pid 5902] close(4) = 0 [pid 5902] exit_group(0) = ? [pid 5902] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5902, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./874", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./874", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./874/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./874/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./874/binderfs") = 0 umount2("./874/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./874/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./874/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./874/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./874/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./874/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./874") = 0 mkdir("./875", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5903 ./strace-static-x86_64: Process 5903 attached [pid 5903] chdir("./875") = 0 [pid 5903] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5903] setpgid(0, 0) = 0 [pid 5903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5903] write(3, "1000", 4) = 4 [pid 5903] close(3) = 0 [pid 5903] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5903] memfd_create("syzkaller", 0) = 3 [pid 5903] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 116.354772][ T5902] loop0: detected capacity change from 0 to 4096 [ 116.363770][ T5902] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5903] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5903] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5903] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5903] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5903] close(3) = 0 [pid 5903] mkdir("./file0", 0777) = 0 [pid 5903] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5903] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5903] chdir("./file0") = 0 [pid 5903] ioctl(4, LOOP_CLR_FD) = 0 [pid 5903] close(4) = 0 [pid 5903] exit_group(0) = ? [pid 5903] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5903, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./875", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./875", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./875/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./875/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./875/binderfs") = 0 umount2("./875/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./875/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./875/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./875/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./875/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./875/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./875") = 0 mkdir("./876", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5904 ./strace-static-x86_64: Process 5904 attached [pid 5904] chdir("./876") = 0 [pid 5904] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5904] setpgid(0, 0) = 0 [pid 5904] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5904] write(3, "1000", 4) = 4 [pid 5904] close(3) = 0 [pid 5904] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5904] memfd_create("syzkaller", 0) = 3 [pid 5904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 116.434731][ T5903] loop0: detected capacity change from 0 to 4096 [ 116.443391][ T5903] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5904] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5904] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5904] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5904] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5904] close(3) = 0 [pid 5904] mkdir("./file0", 0777) = 0 [pid 5904] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5904] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5904] chdir("./file0") = 0 [pid 5904] ioctl(4, LOOP_CLR_FD) = 0 [pid 5904] close(4) = 0 [pid 5904] exit_group(0) = ? [pid 5904] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5904, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./876", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./876", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./876/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./876/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./876/binderfs") = 0 umount2("./876/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./876/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./876/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./876/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./876/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./876/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./876") = 0 mkdir("./877", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5905 ./strace-static-x86_64: Process 5905 attached [pid 5905] chdir("./877") = 0 [pid 5905] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5905] setpgid(0, 0) = 0 [pid 5905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5905] write(3, "1000", 4) = 4 [pid 5905] close(3) = 0 [pid 5905] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5905] memfd_create("syzkaller", 0) = 3 [pid 5905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 116.515690][ T5904] loop0: detected capacity change from 0 to 4096 [ 116.524963][ T5904] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5905] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5905] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5905] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5905] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5905] close(3) = 0 [pid 5905] mkdir("./file0", 0777) = 0 [pid 5905] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5905] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5905] chdir("./file0") = 0 [pid 5905] ioctl(4, LOOP_CLR_FD) = 0 [pid 5905] close(4) = 0 [pid 5905] exit_group(0) = ? [pid 5905] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5905, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- umount2("./877", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./877", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./877/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./877/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./877/binderfs") = 0 umount2("./877/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./877/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./877/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./877/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./877/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./877/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./877") = 0 mkdir("./878", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 116.599396][ T5905] loop0: detected capacity change from 0 to 4096 [ 116.608168][ T5905] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5906 ./strace-static-x86_64: Process 5906 attached [pid 5906] chdir("./878") = 0 [pid 5906] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5906] setpgid(0, 0) = 0 [pid 5906] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5906] write(3, "1000", 4) = 4 [pid 5906] close(3) = 0 [pid 5906] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5906] memfd_create("syzkaller", 0) = 3 [pid 5906] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5906] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5906] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5906] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5906] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5906] close(3) = 0 [pid 5906] mkdir("./file0", 0777) = 0 [pid 5906] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5906] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5906] chdir("./file0") = 0 [pid 5906] ioctl(4, LOOP_CLR_FD) = 0 [pid 5906] close(4) = 0 [pid 5906] exit_group(0) = ? [pid 5906] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5906, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./878", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./878", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./878/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./878/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./878/binderfs") = 0 umount2("./878/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./878/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./878/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./878/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./878/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./878/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./878") = 0 mkdir("./879", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5907 ./strace-static-x86_64: Process 5907 attached [pid 5907] chdir("./879") = 0 [pid 5907] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5907] setpgid(0, 0) = 0 [pid 5907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5907] write(3, "1000", 4) = 4 [pid 5907] close(3) = 0 [pid 5907] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5907] memfd_create("syzkaller", 0) = 3 [pid 5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 116.680607][ T5906] loop0: detected capacity change from 0 to 4096 [ 116.689204][ T5906] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5907] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5907] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5907] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5907] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5907] close(3) = 0 [pid 5907] mkdir("./file0", 0777) = 0 [pid 5907] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5907] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5907] chdir("./file0") = 0 [pid 5907] ioctl(4, LOOP_CLR_FD) = 0 [pid 5907] close(4) = 0 [pid 5907] exit_group(0) = ? [pid 5907] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5907, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./879", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./879", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./879/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./879/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./879/binderfs") = 0 umount2("./879/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./879/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./879/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./879/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./879/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./879/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./879") = 0 mkdir("./880", 0777) = 0 [ 116.759515][ T5907] loop0: detected capacity change from 0 to 4096 [ 116.767872][ T5907] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5908 attached [pid 5908] chdir("./880") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5908 [pid 5908] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5908] setpgid(0, 0) = 0 [pid 5908] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5908] write(3, "1000", 4) = 4 [pid 5908] close(3) = 0 [pid 5908] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5908] memfd_create("syzkaller", 0) = 3 [pid 5908] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5908] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5908] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5908] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5908] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5908] close(3) = 0 [pid 5908] mkdir("./file0", 0777) = 0 [pid 5908] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5908] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5908] chdir("./file0") = 0 [pid 5908] ioctl(4, LOOP_CLR_FD) = 0 [pid 5908] close(4) = 0 [pid 5908] exit_group(0) = ? [pid 5908] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5908, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./880", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./880", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./880/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./880/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./880/binderfs") = 0 umount2("./880/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./880/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./880/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./880/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./880/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./880/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./880") = 0 [ 116.849655][ T5908] loop0: detected capacity change from 0 to 4096 [ 116.858490][ T5908] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./881", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5909 attached , child_tidptr=0x5555568435d0) = 5909 [pid 5909] chdir("./881") = 0 [pid 5909] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5909] setpgid(0, 0) = 0 [pid 5909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5909] write(3, "1000", 4) = 4 [pid 5909] close(3) = 0 [pid 5909] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5909] memfd_create("syzkaller", 0) = 3 [pid 5909] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5909] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5909] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5909] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5909] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5909] close(3) = 0 [pid 5909] mkdir("./file0", 0777) = 0 [pid 5909] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5909] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5909] chdir("./file0") = 0 [pid 5909] ioctl(4, LOOP_CLR_FD) = 0 [pid 5909] close(4) = 0 [pid 5909] exit_group(0) = ? [pid 5909] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5909, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./881", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./881", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./881/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./881/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./881/binderfs") = 0 umount2("./881/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./881/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./881/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./881/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./881/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./881/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./881") = 0 mkdir("./882", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5910 ./strace-static-x86_64: Process 5910 attached [pid 5910] chdir("./882") = 0 [pid 5910] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5910] setpgid(0, 0) = 0 [pid 5910] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5910] write(3, "1000", 4) = 4 [pid 5910] close(3) = 0 [pid 5910] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5910] memfd_create("syzkaller", 0) = 3 [ 116.939570][ T5909] loop0: detected capacity change from 0 to 4096 [ 116.947475][ T5909] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5910] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5910] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5910] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5910] close(3) = 0 [pid 5910] mkdir("./file0", 0777) = 0 [pid 5910] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5910] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5910] chdir("./file0") = 0 [pid 5910] ioctl(4, LOOP_CLR_FD) = 0 [pid 5910] close(4) = 0 [pid 5910] exit_group(0) = ? [pid 5910] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5910, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./882", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./882", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./882/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./882/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./882/binderfs") = 0 umount2("./882/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./882/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./882/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./882/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./882/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./882/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./882") = 0 mkdir("./883", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 117.020774][ T5910] loop0: detected capacity change from 0 to 4096 [ 117.028894][ T5910] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5911 attached , child_tidptr=0x5555568435d0) = 5911 [pid 5911] chdir("./883") = 0 [pid 5911] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5911] setpgid(0, 0) = 0 [pid 5911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5911] write(3, "1000", 4) = 4 [pid 5911] close(3) = 0 [pid 5911] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5911] memfd_create("syzkaller", 0) = 3 [pid 5911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5911] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5911] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5911] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5911] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5911] close(3) = 0 [pid 5911] mkdir("./file0", 0777) = 0 [pid 5911] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5911] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5911] chdir("./file0") = 0 [pid 5911] ioctl(4, LOOP_CLR_FD) = 0 [pid 5911] close(4) = 0 [pid 5911] exit_group(0) = ? [pid 5911] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5911, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./883", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./883", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./883/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./883/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./883/binderfs") = 0 umount2("./883/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./883/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./883/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./883/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./883/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./883/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./883") = 0 mkdir("./884", 0777) = 0 [ 117.112029][ T5911] loop0: detected capacity change from 0 to 4096 [ 117.120914][ T5911] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5912 ./strace-static-x86_64: Process 5912 attached [pid 5912] chdir("./884") = 0 [pid 5912] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5912] setpgid(0, 0) = 0 [pid 5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5912] write(3, "1000", 4) = 4 [pid 5912] close(3) = 0 [pid 5912] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5912] memfd_create("syzkaller", 0) = 3 [pid 5912] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5912] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5912] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5912] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5912] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5912] close(3) = 0 [pid 5912] mkdir("./file0", 0777) = 0 [pid 5912] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5912] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5912] chdir("./file0") = 0 [pid 5912] ioctl(4, LOOP_CLR_FD) = 0 [pid 5912] close(4) = 0 [pid 5912] exit_group(0) = ? [pid 5912] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5912, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./884", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./884", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./884/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./884/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./884/binderfs") = 0 umount2("./884/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./884/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./884/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./884/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./884/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./884/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./884") = 0 mkdir("./885", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 117.205208][ T5912] loop0: detected capacity change from 0 to 4096 [ 117.213608][ T5912] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5913 attached [pid 5913] chdir("./885") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5913 [pid 5913] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5913] setpgid(0, 0) = 0 [pid 5913] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5913] write(3, "1000", 4) = 4 [pid 5913] close(3) = 0 [pid 5913] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5913] memfd_create("syzkaller", 0) = 3 [pid 5913] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5913] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5913] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5913] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5913] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5913] close(3) = 0 [pid 5913] mkdir("./file0", 0777) = 0 [pid 5913] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5913] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5913] chdir("./file0") = 0 [pid 5913] ioctl(4, LOOP_CLR_FD) = 0 [pid 5913] close(4) = 0 [pid 5913] exit_group(0) = ? [pid 5913] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5913, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./885", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./885", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./885/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./885/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./885/binderfs") = 0 umount2("./885/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 117.293075][ T5913] loop0: detected capacity change from 0 to 4096 [ 117.301698][ T5913] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). umount2("./885/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./885/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./885/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./885/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./885/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./885") = 0 mkdir("./886", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5914 ./strace-static-x86_64: Process 5914 attached [pid 5914] chdir("./886") = 0 [pid 5914] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5914] setpgid(0, 0) = 0 [pid 5914] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5914] write(3, "1000", 4) = 4 [pid 5914] close(3) = 0 [pid 5914] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5914] memfd_create("syzkaller", 0) = 3 [pid 5914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5914] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5914] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5914] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5914] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5914] close(3) = 0 [pid 5914] mkdir("./file0", 0777) = 0 [pid 5914] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5914] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5914] chdir("./file0") = 0 [pid 5914] ioctl(4, LOOP_CLR_FD) = 0 [pid 5914] close(4) = 0 [pid 5914] exit_group(0) = ? [pid 5914] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5914, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./886", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./886", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./886/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./886/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./886/binderfs") = 0 umount2("./886/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./886/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./886/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./886/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./886/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./886/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./886") = 0 mkdir("./887", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 117.390724][ T5914] loop0: detected capacity change from 0 to 4096 [ 117.398884][ T5914] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5915 attached , child_tidptr=0x5555568435d0) = 5915 [pid 5915] chdir("./887") = 0 [pid 5915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5915] setpgid(0, 0) = 0 [pid 5915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5915] write(3, "1000", 4) = 4 [pid 5915] close(3) = 0 [pid 5915] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5915] memfd_create("syzkaller", 0) = 3 [pid 5915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5915] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5915] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5915] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5915] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5915] close(3) = 0 [pid 5915] mkdir("./file0", 0777) = 0 [pid 5915] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5915] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5915] chdir("./file0") = 0 [pid 5915] ioctl(4, LOOP_CLR_FD) = 0 [pid 5915] close(4) = 0 [pid 5915] exit_group(0) = ? [pid 5915] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5915, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./887", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./887", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./887/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./887/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./887/binderfs") = 0 umount2("./887/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./887/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./887/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./887/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./887/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./887/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./887") = 0 mkdir("./888", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 117.482685][ T5915] loop0: detected capacity change from 0 to 4096 [ 117.491184][ T5915] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5916 ./strace-static-x86_64: Process 5916 attached [pid 5916] chdir("./888") = 0 [pid 5916] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5916] setpgid(0, 0) = 0 [pid 5916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5916] write(3, "1000", 4) = 4 [pid 5916] close(3) = 0 [pid 5916] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5916] memfd_create("syzkaller", 0) = 3 [pid 5916] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5916] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5916] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5916] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5916] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5916] close(3) = 0 [pid 5916] mkdir("./file0", 0777) = 0 [pid 5916] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5916] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5916] chdir("./file0") = 0 [pid 5916] ioctl(4, LOOP_CLR_FD) = 0 [pid 5916] close(4) = 0 [pid 5916] exit_group(0) = ? [pid 5916] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5916, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./888", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./888", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./888/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./888/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./888/binderfs") = 0 umount2("./888/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./888/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./888/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./888/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./888/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./888/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 117.572838][ T5916] loop0: detected capacity change from 0 to 4096 [ 117.581218][ T5916] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./888") = 0 mkdir("./889", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5917 ./strace-static-x86_64: Process 5917 attached [pid 5917] chdir("./889") = 0 [pid 5917] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5917] setpgid(0, 0) = 0 [pid 5917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5917] write(3, "1000", 4) = 4 [pid 5917] close(3) = 0 [pid 5917] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5917] memfd_create("syzkaller", 0) = 3 [pid 5917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5917] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5917] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5917] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5917] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5917] close(3) = 0 [pid 5917] mkdir("./file0", 0777) = 0 [pid 5917] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5917] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5917] chdir("./file0") = 0 [pid 5917] ioctl(4, LOOP_CLR_FD) = 0 [pid 5917] close(4) = 0 [pid 5917] exit_group(0) = ? [pid 5917] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5917, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./889", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./889", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./889/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./889/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./889/binderfs") = 0 umount2("./889/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./889/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./889/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./889/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./889/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./889/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./889") = 0 mkdir("./890", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5918 ./strace-static-x86_64: Process 5918 attached [pid 5918] chdir("./890") = 0 [pid 5918] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5918] setpgid(0, 0) = 0 [pid 5918] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 117.668211][ T5917] loop0: detected capacity change from 0 to 4096 [ 117.677035][ T5917] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5918] write(3, "1000", 4) = 4 [pid 5918] close(3) = 0 [pid 5918] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5918] memfd_create("syzkaller", 0) = 3 [pid 5918] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5918] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5918] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5918] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5918] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5918] close(3) = 0 [pid 5918] mkdir("./file0", 0777) = 0 [pid 5918] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5918] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5918] chdir("./file0") = 0 [pid 5918] ioctl(4, LOOP_CLR_FD) = 0 [pid 5918] close(4) = 0 [pid 5918] exit_group(0) = ? [pid 5918] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5918, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./890", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./890", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./890/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./890/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./890/binderfs") = 0 umount2("./890/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./890/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./890/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./890/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./890/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./890/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./890") = 0 mkdir("./891", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5919 ./strace-static-x86_64: Process 5919 attached [pid 5919] chdir("./891") = 0 [pid 5919] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5919] setpgid(0, 0) = 0 [pid 5919] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5919] write(3, "1000", 4) = 4 [pid 5919] close(3) = 0 [pid 5919] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5919] memfd_create("syzkaller", 0) = 3 [pid 5919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 117.756587][ T5918] loop0: detected capacity change from 0 to 4096 [ 117.765159][ T5918] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5919] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5919] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5919] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5919] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5919] close(3) = 0 [pid 5919] mkdir("./file0", 0777) = 0 [pid 5919] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5919] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5919] chdir("./file0") = 0 [pid 5919] ioctl(4, LOOP_CLR_FD) = 0 [pid 5919] close(4) = 0 [pid 5919] exit_group(0) = ? [pid 5919] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5919, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./891", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./891", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./891/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./891/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./891/binderfs") = 0 umount2("./891/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./891/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./891/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./891/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./891/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./891/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./891") = 0 mkdir("./892", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 117.843107][ T5919] loop0: detected capacity change from 0 to 4096 [ 117.851821][ T5919] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5920 ./strace-static-x86_64: Process 5920 attached [pid 5920] chdir("./892") = 0 [pid 5920] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5920] setpgid(0, 0) = 0 [pid 5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5920] write(3, "1000", 4) = 4 [pid 5920] close(3) = 0 [pid 5920] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5920] memfd_create("syzkaller", 0) = 3 [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5920] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5920] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5920] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5920] close(3) = 0 [pid 5920] mkdir("./file0", 0777) = 0 [pid 5920] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5920] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5920] chdir("./file0") = 0 [pid 5920] ioctl(4, LOOP_CLR_FD) = 0 [pid 5920] close(4) = 0 [pid 5920] exit_group(0) = ? [pid 5920] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5920, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./892", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./892", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./892/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./892/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./892/binderfs") = 0 umount2("./892/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./892/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./892/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./892/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./892/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 117.927951][ T5920] loop0: detected capacity change from 0 to 4096 [ 117.937160][ T5920] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./892/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./892") = 0 mkdir("./893", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5921 ./strace-static-x86_64: Process 5921 attached [pid 5921] chdir("./893") = 0 [pid 5921] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5921] setpgid(0, 0) = 0 [pid 5921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5921] write(3, "1000", 4) = 4 [pid 5921] close(3) = 0 [pid 5921] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5921] memfd_create("syzkaller", 0) = 3 [pid 5921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5921] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5921] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5921] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5921] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5921] close(3) = 0 [pid 5921] mkdir("./file0", 0777) = 0 [pid 5921] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5921] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5921] chdir("./file0") = 0 [pid 5921] ioctl(4, LOOP_CLR_FD) = 0 [pid 5921] close(4) = 0 [pid 5921] exit_group(0) = ? [pid 5921] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5921, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./893", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./893", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./893/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./893/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./893/binderfs") = 0 umount2("./893/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./893/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./893/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./893/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./893/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./893/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./893") = 0 mkdir("./894", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5922 ./strace-static-x86_64: Process 5922 attached [pid 5922] chdir("./894") = 0 [pid 5922] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5922] setpgid(0, 0) = 0 [pid 5922] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5922] write(3, "1000", 4) = 4 [pid 5922] close(3) = 0 [pid 5922] symlink("/dev/binderfs", "./binderfs") = 0 [ 118.025928][ T5921] loop0: detected capacity change from 0 to 4096 [ 118.034366][ T5921] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5922] memfd_create("syzkaller", 0) = 3 [pid 5922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5922] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5922] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5922] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5922] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5922] close(3) = 0 [pid 5922] mkdir("./file0", 0777) = 0 [pid 5922] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5922] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5922] chdir("./file0") = 0 [pid 5922] ioctl(4, LOOP_CLR_FD) = 0 [pid 5922] close(4) = 0 [pid 5922] exit_group(0) = ? [pid 5922] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5922, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./894", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./894", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./894/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./894/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./894/binderfs") = 0 umount2("./894/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./894/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./894/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./894/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./894/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./894/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./894") = 0 mkdir("./895", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5923 ./strace-static-x86_64: Process 5923 attached [pid 5923] chdir("./895") = 0 [pid 5923] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5923] setpgid(0, 0) = 0 [pid 5923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5923] write(3, "1000", 4) = 4 [pid 5923] close(3) = 0 [pid 5923] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5923] memfd_create("syzkaller", 0) = 3 [pid 5923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 118.111002][ T5922] loop0: detected capacity change from 0 to 4096 [ 118.119750][ T5922] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5923] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5923] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5923] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5923] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5923] close(3) = 0 [pid 5923] mkdir("./file0", 0777) = 0 [pid 5923] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5923] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5923] chdir("./file0") = 0 [pid 5923] ioctl(4, LOOP_CLR_FD) = 0 [pid 5923] close(4) = 0 [pid 5923] exit_group(0) = ? [pid 5923] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5923, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./895", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./895", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./895/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./895/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./895/binderfs") = 0 umount2("./895/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./895/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./895/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./895/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./895/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./895/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./895") = 0 mkdir("./896", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5924 ./strace-static-x86_64: Process 5924 attached [pid 5924] chdir("./896") = 0 [pid 5924] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5924] setpgid(0, 0) = 0 [pid 5924] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5924] write(3, "1000", 4) = 4 [ 118.193114][ T5923] loop0: detected capacity change from 0 to 4096 [ 118.201052][ T5923] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5924] close(3) = 0 [pid 5924] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5924] memfd_create("syzkaller", 0) = 3 [pid 5924] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5924] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5924] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5924] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5924] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5924] close(3) = 0 [pid 5924] mkdir("./file0", 0777) = 0 [pid 5924] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5924] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5924] chdir("./file0") = 0 [pid 5924] ioctl(4, LOOP_CLR_FD) = 0 [pid 5924] close(4) = 0 [pid 5924] exit_group(0) = ? [pid 5924] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5924, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./896", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./896", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./896/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./896/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./896/binderfs") = 0 umount2("./896/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./896/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./896/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./896/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./896/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./896/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./896") = 0 mkdir("./897", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5925 attached , child_tidptr=0x5555568435d0) = 5925 [ 118.278142][ T5924] loop0: detected capacity change from 0 to 4096 [ 118.287509][ T5924] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5925] chdir("./897") = 0 [pid 5925] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5925] setpgid(0, 0) = 0 [pid 5925] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5925] write(3, "1000", 4) = 4 [pid 5925] close(3) = 0 [pid 5925] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5925] memfd_create("syzkaller", 0) = 3 [pid 5925] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5925] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5925] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5925] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5925] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5925] close(3) = 0 [pid 5925] mkdir("./file0", 0777) = 0 [pid 5925] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5925] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5925] chdir("./file0") = 0 [pid 5925] ioctl(4, LOOP_CLR_FD) = 0 [pid 5925] close(4) = 0 [pid 5925] exit_group(0) = ? [pid 5925] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5925, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./897", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./897", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./897/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./897/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./897/binderfs") = 0 umount2("./897/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./897/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./897/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./897/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./897/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./897/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./897") = 0 mkdir("./898", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5926 attached [pid 5926] chdir("./898") = 0 [pid 5926] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5926] setpgid(0, 0) = 0 [pid 5926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5926] write(3, "1000", 4) = 4 [pid 5926] close(3) = 0 [pid 5926] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 5926 [pid 5926] memfd_create("syzkaller", 0) = 3 [pid 5926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 118.367314][ T5925] loop0: detected capacity change from 0 to 4096 [ 118.375563][ T5925] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5926] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5926] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5926] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5926] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5926] close(3) = 0 [pid 5926] mkdir("./file0", 0777) = 0 [pid 5926] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5926] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5926] chdir("./file0") = 0 [pid 5926] ioctl(4, LOOP_CLR_FD) = 0 [pid 5926] close(4) = 0 [pid 5926] exit_group(0) = ? [pid 5926] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5926, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./898", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./898", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./898/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./898/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./898/binderfs") = 0 umount2("./898/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./898/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./898/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./898/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./898/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./898/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./898") = 0 mkdir("./899", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5927 ./strace-static-x86_64: Process 5927 attached [pid 5927] chdir("./899") = 0 [ 118.443163][ T5926] loop0: detected capacity change from 0 to 4096 [ 118.451936][ T5926] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5927] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5927] setpgid(0, 0) = 0 [pid 5927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5927] write(3, "1000", 4) = 4 [pid 5927] close(3) = 0 [pid 5927] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5927] memfd_create("syzkaller", 0) = 3 [pid 5927] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5927] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5927] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5927] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5927] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5927] close(3) = 0 [pid 5927] mkdir("./file0", 0777) = 0 [pid 5927] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5927] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5927] chdir("./file0") = 0 [pid 5927] ioctl(4, LOOP_CLR_FD) = 0 [pid 5927] close(4) = 0 [pid 5927] exit_group(0) = ? [pid 5927] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5927, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./899", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./899", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./899/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./899/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./899/binderfs") = 0 umount2("./899/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./899/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./899/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./899/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./899/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./899/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./899") = 0 mkdir("./900", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5928 ./strace-static-x86_64: Process 5928 attached [ 118.528602][ T5927] loop0: detected capacity change from 0 to 4096 [ 118.537701][ T5927] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5928] chdir("./900") = 0 [pid 5928] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5928] setpgid(0, 0) = 0 [pid 5928] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5928] write(3, "1000", 4) = 4 [pid 5928] close(3) = 0 [pid 5928] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5928] memfd_create("syzkaller", 0) = 3 [pid 5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5928] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5928] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5928] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5928] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5928] close(3) = 0 [pid 5928] mkdir("./file0", 0777) = 0 [pid 5928] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5928] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5928] chdir("./file0") = 0 [pid 5928] ioctl(4, LOOP_CLR_FD) = 0 [pid 5928] close(4) = 0 [pid 5928] exit_group(0) = ? [pid 5928] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5928, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./900", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./900", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./900/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./900/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./900/binderfs") = 0 umount2("./900/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./900/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./900/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./900/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./900/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./900/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./900") = 0 mkdir("./901", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5929 ./strace-static-x86_64: Process 5929 attached [pid 5929] chdir("./901") = 0 [pid 5929] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 118.622705][ T5928] loop0: detected capacity change from 0 to 4096 [ 118.630854][ T5928] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5929] setpgid(0, 0) = 0 [pid 5929] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5929] write(3, "1000", 4) = 4 [pid 5929] close(3) = 0 [pid 5929] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5929] memfd_create("syzkaller", 0) = 3 [pid 5929] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5929] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5929] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5929] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5929] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5929] close(3) = 0 [pid 5929] mkdir("./file0", 0777) = 0 [pid 5929] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5929] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5929] chdir("./file0") = 0 [pid 5929] ioctl(4, LOOP_CLR_FD) = 0 [pid 5929] close(4) = 0 [pid 5929] exit_group(0) = ? [pid 5929] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5929, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./901", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./901", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./901/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./901/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./901/binderfs") = 0 umount2("./901/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./901/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./901/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./901/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./901/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./901/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./901") = 0 mkdir("./902", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 118.704502][ T5929] loop0: detected capacity change from 0 to 4096 [ 118.712783][ T5929] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5930 ./strace-static-x86_64: Process 5930 attached [pid 5930] chdir("./902") = 0 [pid 5930] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5930] setpgid(0, 0) = 0 [pid 5930] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5930] write(3, "1000", 4) = 4 [pid 5930] close(3) = 0 [pid 5930] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5930] memfd_create("syzkaller", 0) = 3 [pid 5930] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5930] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5930] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5930] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5930] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5930] close(3) = 0 [pid 5930] mkdir("./file0", 0777) = 0 [pid 5930] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5930] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5930] chdir("./file0") = 0 [pid 5930] ioctl(4, LOOP_CLR_FD) = 0 [pid 5930] close(4) = 0 [pid 5930] exit_group(0) = ? [pid 5930] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5930, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./902", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./902", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./902/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./902/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./902/binderfs") = 0 umount2("./902/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./902/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./902/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./902/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./902/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./902/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./902") = 0 mkdir("./903", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5931 ./strace-static-x86_64: Process 5931 attached [pid 5931] chdir("./903") = 0 [pid 5931] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5931] setpgid(0, 0) = 0 [pid 5931] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5931] write(3, "1000", 4) = 4 [pid 5931] close(3) = 0 [pid 5931] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5931] memfd_create("syzkaller", 0) = 3 [pid 5931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 118.795370][ T5930] loop0: detected capacity change from 0 to 4096 [ 118.803246][ T5930] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5931] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5931] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5931] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5931] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5931] close(3) = 0 [pid 5931] mkdir("./file0", 0777) = 0 [pid 5931] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5931] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5931] chdir("./file0") = 0 [pid 5931] ioctl(4, LOOP_CLR_FD) = 0 [pid 5931] close(4) = 0 [pid 5931] exit_group(0) = ? [pid 5931] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5931, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./903", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./903", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./903/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./903/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./903/binderfs") = 0 umount2("./903/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./903/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./903/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./903/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./903/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./903/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./903") = 0 mkdir("./904", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5932 ./strace-static-x86_64: Process 5932 attached [pid 5932] chdir("./904") = 0 [pid 5932] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5932] setpgid(0, 0) = 0 [pid 5932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5932] write(3, "1000", 4) = 4 [pid 5932] close(3) = 0 [pid 5932] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5932] memfd_create("syzkaller", 0) = 3 [pid 5932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 118.868986][ T5931] loop0: detected capacity change from 0 to 4096 [ 118.877788][ T5931] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5932] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5932] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5932] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5932] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5932] close(3) = 0 [pid 5932] mkdir("./file0", 0777) = 0 [pid 5932] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5932] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5932] chdir("./file0") = 0 [pid 5932] ioctl(4, LOOP_CLR_FD) = 0 [pid 5932] close(4) = 0 [pid 5932] exit_group(0) = ? [pid 5932] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5932, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./904", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./904", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./904/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./904/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./904/binderfs") = 0 umount2("./904/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./904/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./904/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./904/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./904/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./904/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./904") = 0 mkdir("./905", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5933 ./strace-static-x86_64: Process 5933 attached [pid 5933] chdir("./905") = 0 [pid 5933] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5933] setpgid(0, 0) = 0 [pid 5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5933] write(3, "1000", 4) = 4 [pid 5933] close(3) = 0 [pid 5933] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5933] memfd_create("syzkaller", 0) = 3 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 118.949696][ T5932] loop0: detected capacity change from 0 to 4096 [ 118.957934][ T5932] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5933] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5933] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5933] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5933] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5933] close(3) = 0 [pid 5933] mkdir("./file0", 0777) = 0 [pid 5933] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5933] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5933] chdir("./file0") = 0 [pid 5933] ioctl(4, LOOP_CLR_FD) = 0 [pid 5933] close(4) = 0 [pid 5933] exit_group(0) = ? [pid 5933] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./905", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./905", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./905/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./905/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./905/binderfs") = 0 umount2("./905/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./905/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./905/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./905/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./905/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./905/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./905") = 0 mkdir("./906", 0777) = 0 [ 119.032486][ T5933] loop0: detected capacity change from 0 to 4096 [ 119.040739][ T5933] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5934 ./strace-static-x86_64: Process 5934 attached [pid 5934] chdir("./906") = 0 [pid 5934] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5934] setpgid(0, 0) = 0 [pid 5934] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5934] write(3, "1000", 4) = 4 [pid 5934] close(3) = 0 [pid 5934] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5934] memfd_create("syzkaller", 0) = 3 [pid 5934] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5934] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5934] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5934] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5934] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5934] close(3) = 0 [pid 5934] mkdir("./file0", 0777) = 0 [pid 5934] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5934] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5934] chdir("./file0") = 0 [pid 5934] ioctl(4, LOOP_CLR_FD) = 0 [pid 5934] close(4) = 0 [pid 5934] exit_group(0) = ? [pid 5934] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5934, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./906", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./906", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./906/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./906/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./906/binderfs") = 0 umount2("./906/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./906/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./906/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./906/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./906/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./906/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./906") = 0 mkdir("./907", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 119.122998][ T5934] loop0: detected capacity change from 0 to 4096 [ 119.131484][ T5934] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5935 ./strace-static-x86_64: Process 5935 attached [pid 5935] chdir("./907") = 0 [pid 5935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5935] setpgid(0, 0) = 0 [pid 5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5935] write(3, "1000", 4) = 4 [pid 5935] close(3) = 0 [pid 5935] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5935] memfd_create("syzkaller", 0) = 3 [pid 5935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5935] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5935] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5935] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5935] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5935] close(3) = 0 [pid 5935] mkdir("./file0", 0777) = 0 [pid 5935] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5935] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5935] chdir("./file0") = 0 [pid 5935] ioctl(4, LOOP_CLR_FD) = 0 [pid 5935] close(4) = 0 [pid 5935] exit_group(0) = ? [pid 5935] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5935, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./907", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./907", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./907/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./907/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./907/binderfs") = 0 umount2("./907/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./907/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./907/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./907/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./907/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./907/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./907") = 0 mkdir("./908", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5936 ./strace-static-x86_64: Process 5936 attached [pid 5936] chdir("./908") = 0 [pid 5936] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5936] setpgid(0, 0) = 0 [pid 5936] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5936] write(3, "1000", 4) = 4 [pid 5936] close(3) = 0 [ 119.205650][ T5935] loop0: detected capacity change from 0 to 4096 [ 119.214082][ T5935] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5936] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5936] memfd_create("syzkaller", 0) = 3 [pid 5936] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5936] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5936] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5936] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5936] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5936] close(3) = 0 [pid 5936] mkdir("./file0", 0777) = 0 [pid 5936] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5936] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5936] chdir("./file0") = 0 [pid 5936] ioctl(4, LOOP_CLR_FD) = 0 [pid 5936] close(4) = 0 [pid 5936] exit_group(0) = ? [pid 5936] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5936, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./908", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./908", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./908/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./908/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./908/binderfs") = 0 umount2("./908/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./908/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./908/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./908/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./908/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./908/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./908") = 0 mkdir("./909", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5937 ./strace-static-x86_64: Process 5937 attached [pid 5937] chdir("./909") = 0 [pid 5937] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5937] setpgid(0, 0) = 0 [pid 5937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5937] write(3, "1000", 4) = 4 [pid 5937] close(3) = 0 [pid 5937] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5937] memfd_create("syzkaller", 0) = 3 [ 119.287565][ T5936] loop0: detected capacity change from 0 to 4096 [ 119.295609][ T5936] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5937] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5937] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5937] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5937] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5937] close(3) = 0 [pid 5937] mkdir("./file0", 0777) = 0 [pid 5937] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5937] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5937] chdir("./file0") = 0 [pid 5937] ioctl(4, LOOP_CLR_FD) = 0 [pid 5937] close(4) = 0 [pid 5937] exit_group(0) = ? [pid 5937] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5937, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./909", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./909", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./909/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./909/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./909/binderfs") = 0 umount2("./909/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./909/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./909/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./909/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./909/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./909/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./909") = 0 mkdir("./910", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5938 ./strace-static-x86_64: Process 5938 attached [pid 5938] chdir("./910") = 0 [pid 5938] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5938] setpgid(0, 0) = 0 [pid 5938] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5938] write(3, "1000", 4) = 4 [pid 5938] close(3) = 0 [pid 5938] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5938] memfd_create("syzkaller", 0) = 3 [pid 5938] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 119.372019][ T5937] loop0: detected capacity change from 0 to 4096 [ 119.381130][ T5937] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5938] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5938] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5938] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5938] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5938] close(3) = 0 [pid 5938] mkdir("./file0", 0777) = 0 [pid 5938] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5938] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5938] chdir("./file0") = 0 [pid 5938] ioctl(4, LOOP_CLR_FD) = 0 [pid 5938] close(4) = 0 [pid 5938] exit_group(0) = ? [pid 5938] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5938, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./910", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./910", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./910/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./910/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./910/binderfs") = 0 umount2("./910/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./910/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./910/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./910/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./910/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./910/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./910") = 0 mkdir("./911", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 119.449760][ T5938] loop0: detected capacity change from 0 to 4096 [ 119.458076][ T5938] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5939 ./strace-static-x86_64: Process 5939 attached [pid 5939] chdir("./911") = 0 [pid 5939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5939] setpgid(0, 0) = 0 [pid 5939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5939] write(3, "1000", 4) = 4 [pid 5939] close(3) = 0 [pid 5939] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5939] memfd_create("syzkaller", 0) = 3 [pid 5939] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5939] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5939] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5939] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5939] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5939] close(3) = 0 [pid 5939] mkdir("./file0", 0777) = 0 [pid 5939] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5939] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5939] chdir("./file0") = 0 [pid 5939] ioctl(4, LOOP_CLR_FD) = 0 [pid 5939] close(4) = 0 [pid 5939] exit_group(0) = ? [pid 5939] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5939, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./911", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./911", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./911/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./911/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./911/binderfs") = 0 umount2("./911/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./911/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./911/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./911/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./911/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./911/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./911") = 0 mkdir("./912", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 119.537211][ T5939] loop0: detected capacity change from 0 to 4096 [ 119.545492][ T5939] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5940 ./strace-static-x86_64: Process 5940 attached [pid 5940] chdir("./912") = 0 [pid 5940] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5940] setpgid(0, 0) = 0 [pid 5940] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5940] write(3, "1000", 4) = 4 [pid 5940] close(3) = 0 [pid 5940] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5940] memfd_create("syzkaller", 0) = 3 [pid 5940] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5940] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5940] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5940] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5940] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5940] close(3) = 0 [pid 5940] mkdir("./file0", 0777) = 0 [pid 5940] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5940] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5940] chdir("./file0") = 0 [pid 5940] ioctl(4, LOOP_CLR_FD) = 0 [pid 5940] close(4) = 0 [pid 5940] exit_group(0) = ? [pid 5940] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5940, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./912", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./912", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./912/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./912/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./912/binderfs") = 0 umount2("./912/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./912/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./912/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./912/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./912/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./912/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./912") = 0 mkdir("./913", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5941 ./strace-static-x86_64: Process 5941 attached [pid 5941] chdir("./913") = 0 [pid 5941] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5941] setpgid(0, 0) = 0 [pid 5941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5941] write(3, "1000", 4) = 4 [pid 5941] close(3) = 0 [pid 5941] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5941] memfd_create("syzkaller", 0) = 3 [pid 5941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 119.622945][ T5940] loop0: detected capacity change from 0 to 4096 [ 119.631586][ T5940] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5941] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5941] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5941] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5941] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5941] close(3) = 0 [pid 5941] mkdir("./file0", 0777) = 0 [pid 5941] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5941] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5941] chdir("./file0") = 0 [pid 5941] ioctl(4, LOOP_CLR_FD) = 0 [pid 5941] close(4) = 0 [pid 5941] exit_group(0) = ? [pid 5941] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5941, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./913", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./913", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./913/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./913/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./913/binderfs") = 0 umount2("./913/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./913/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./913/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./913/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./913/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./913/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./913") = 0 mkdir("./914", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 119.701405][ T5941] loop0: detected capacity change from 0 to 4096 [ 119.710339][ T5941] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5942 attached , child_tidptr=0x5555568435d0) = 5942 [pid 5942] chdir("./914") = 0 [pid 5942] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5942] setpgid(0, 0) = 0 [pid 5942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5942] write(3, "1000", 4) = 4 [pid 5942] close(3) = 0 [pid 5942] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5942] memfd_create("syzkaller", 0) = 3 [pid 5942] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5942] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5942] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5942] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5942] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5942] close(3) = 0 [pid 5942] mkdir("./file0", 0777) = 0 [pid 5942] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5942] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5942] chdir("./file0") = 0 [pid 5942] ioctl(4, LOOP_CLR_FD) = 0 [pid 5942] close(4) = 0 [pid 5942] exit_group(0) = ? [pid 5942] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5942, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./914", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./914", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./914/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./914/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./914/binderfs") = 0 umount2("./914/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./914/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./914/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./914/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./914/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./914/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./914") = 0 mkdir("./915", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5943 ./strace-static-x86_64: Process 5943 attached [pid 5943] chdir("./915") = 0 [pid 5943] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5943] setpgid(0, 0) = 0 [pid 5943] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5943] write(3, "1000", 4) = 4 [pid 5943] close(3) = 0 [pid 5943] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5943] memfd_create("syzkaller", 0) = 3 [pid 5943] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 119.791039][ T5942] loop0: detected capacity change from 0 to 4096 [ 119.800243][ T5942] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5943] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5943] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5943] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5943] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5943] close(3) = 0 [pid 5943] mkdir("./file0", 0777) = 0 [pid 5943] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5943] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5943] chdir("./file0") = 0 [pid 5943] ioctl(4, LOOP_CLR_FD) = 0 [pid 5943] close(4) = 0 [pid 5943] exit_group(0) = ? [pid 5943] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5943, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./915", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./915", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./915/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./915/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./915/binderfs") = 0 umount2("./915/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./915/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./915/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./915/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./915/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./915/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./915") = 0 mkdir("./916", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5944 ./strace-static-x86_64: Process 5944 attached [pid 5944] chdir("./916") = 0 [pid 5944] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5944] setpgid(0, 0) = 0 [pid 5944] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5944] write(3, "1000", 4) = 4 [pid 5944] close(3) = 0 [pid 5944] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5944] memfd_create("syzkaller", 0) = 3 [pid 5944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 119.870332][ T5943] loop0: detected capacity change from 0 to 4096 [ 119.879181][ T5943] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5944] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5944] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5944] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5944] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5944] close(3) = 0 [pid 5944] mkdir("./file0", 0777) = 0 [pid 5944] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5944] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5944] chdir("./file0") = 0 [pid 5944] ioctl(4, LOOP_CLR_FD) = 0 [pid 5944] close(4) = 0 [pid 5944] exit_group(0) = ? [pid 5944] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5944, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./916", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./916", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./916/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./916/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./916/binderfs") = 0 umount2("./916/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./916/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./916/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./916/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./916/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./916/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./916") = 0 mkdir("./917", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5945 ./strace-static-x86_64: Process 5945 attached [pid 5945] chdir("./917") = 0 [pid 5945] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5945] setpgid(0, 0) = 0 [pid 5945] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5945] write(3, "1000", 4) = 4 [pid 5945] close(3) = 0 [pid 5945] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5945] memfd_create("syzkaller", 0) = 3 [pid 5945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 119.950032][ T5944] loop0: detected capacity change from 0 to 4096 [ 119.958526][ T5944] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5945] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5945] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5945] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5945] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5945] close(3) = 0 [pid 5945] mkdir("./file0", 0777) = 0 [pid 5945] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5945] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5945] chdir("./file0") = 0 [pid 5945] ioctl(4, LOOP_CLR_FD) = 0 [pid 5945] close(4) = 0 [pid 5945] exit_group(0) = ? [pid 5945] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5945, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./917", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./917", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./917/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./917/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./917/binderfs") = 0 umount2("./917/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./917/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./917/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./917/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./917/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./917/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./917") = 0 mkdir("./918", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5946 ./strace-static-x86_64: Process 5946 attached [pid 5946] chdir("./918") = 0 [pid 5946] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5946] setpgid(0, 0) = 0 [pid 5946] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5946] write(3, "1000", 4) = 4 [pid 5946] close(3) = 0 [pid 5946] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5946] memfd_create("syzkaller", 0) = 3 [pid 5946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 120.032708][ T5945] loop0: detected capacity change from 0 to 4096 [ 120.041352][ T5945] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5946] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5946] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5946] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5946] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5946] close(3) = 0 [pid 5946] mkdir("./file0", 0777) = 0 [pid 5946] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5946] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5946] chdir("./file0") = 0 [pid 5946] ioctl(4, LOOP_CLR_FD) = 0 [pid 5946] close(4) = 0 [pid 5946] exit_group(0) = ? [pid 5946] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5946, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./918", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./918", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./918/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./918/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./918/binderfs") = 0 umount2("./918/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./918/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./918/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./918/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./918/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./918/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./918") = 0 mkdir("./919", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 120.112227][ T5946] loop0: detected capacity change from 0 to 4096 [ 120.120548][ T5946] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5947 ./strace-static-x86_64: Process 5947 attached [pid 5947] chdir("./919") = 0 [pid 5947] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5947] setpgid(0, 0) = 0 [pid 5947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5947] write(3, "1000", 4) = 4 [pid 5947] close(3) = 0 [pid 5947] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5947] memfd_create("syzkaller", 0) = 3 [pid 5947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5947] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5947] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5947] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5947] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5947] close(3) = 0 [pid 5947] mkdir("./file0", 0777) = 0 [pid 5947] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5947] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5947] chdir("./file0") = 0 [pid 5947] ioctl(4, LOOP_CLR_FD) = 0 [pid 5947] close(4) = 0 [pid 5947] exit_group(0) = ? [pid 5947] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5947, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./919", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./919", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./919/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./919/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./919/binderfs") = 0 umount2("./919/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./919/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./919/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./919/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./919/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./919/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./919") = 0 mkdir("./920", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5948 ./strace-static-x86_64: Process 5948 attached [pid 5948] chdir("./920") = 0 [pid 5948] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5948] setpgid(0, 0) = 0 [pid 5948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5948] write(3, "1000", 4) = 4 [pid 5948] close(3) = 0 [pid 5948] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5948] memfd_create("syzkaller", 0) = 3 [pid 5948] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 120.198753][ T5947] loop0: detected capacity change from 0 to 4096 [ 120.206900][ T5947] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5948] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5948] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5948] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5948] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5948] close(3) = 0 [pid 5948] mkdir("./file0", 0777) = 0 [pid 5948] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5948] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5948] chdir("./file0") = 0 [pid 5948] ioctl(4, LOOP_CLR_FD) = 0 [pid 5948] close(4) = 0 [pid 5948] exit_group(0) = ? [pid 5948] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5948, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./920", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./920", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./920/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./920/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./920/binderfs") = 0 umount2("./920/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./920/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./920/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./920/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./920/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./920/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./920") = 0 mkdir("./921", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5949 ./strace-static-x86_64: Process 5949 attached [pid 5949] chdir("./921") = 0 [pid 5949] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5949] setpgid(0, 0) = 0 [pid 5949] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5949] write(3, "1000", 4) = 4 [pid 5949] close(3) = 0 [pid 5949] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5949] memfd_create("syzkaller", 0) = 3 [pid 5949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 120.276795][ T5948] loop0: detected capacity change from 0 to 4096 [ 120.284690][ T5948] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5949] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5949] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5949] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5949] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5949] close(3) = 0 [pid 5949] mkdir("./file0", 0777) = 0 [pid 5949] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5949] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5949] chdir("./file0") = 0 [pid 5949] ioctl(4, LOOP_CLR_FD) = 0 [pid 5949] close(4) = 0 [pid 5949] exit_group(0) = ? [pid 5949] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5949, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./921", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./921", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./921/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./921/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./921/binderfs") = 0 umount2("./921/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./921/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./921/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./921/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./921/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./921/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./921") = 0 mkdir("./922", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5950 [ 120.348147][ T5949] loop0: detected capacity change from 0 to 4096 [ 120.357502][ T5949] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 5950 attached [pid 5950] chdir("./922") = 0 [pid 5950] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5950] setpgid(0, 0) = 0 [pid 5950] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5950] write(3, "1000", 4) = 4 [pid 5950] close(3) = 0 [pid 5950] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5950] memfd_create("syzkaller", 0) = 3 [pid 5950] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5950] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5950] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5950] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5950] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5950] close(3) = 0 [pid 5950] mkdir("./file0", 0777) = 0 [pid 5950] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5950] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5950] chdir("./file0") = 0 [pid 5950] ioctl(4, LOOP_CLR_FD) = 0 [pid 5950] close(4) = 0 [pid 5950] exit_group(0) = ? [pid 5950] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5950, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./922", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./922", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./922/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./922/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./922/binderfs") = 0 umount2("./922/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./922/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./922/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./922/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./922/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./922/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./922") = 0 mkdir("./923", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5951 attached , child_tidptr=0x5555568435d0) = 5951 [pid 5951] chdir("./923") = 0 [pid 5951] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5951] setpgid(0, 0) = 0 [pid 5951] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5951] write(3, "1000", 4) = 4 [pid 5951] close(3) = 0 [pid 5951] symlink("/dev/binderfs", "./binderfs") = 0 [ 120.437582][ T5950] loop0: detected capacity change from 0 to 4096 [ 120.446595][ T5950] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5951] memfd_create("syzkaller", 0) = 3 [pid 5951] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5951] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5951] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5951] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5951] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5951] close(3) = 0 [pid 5951] mkdir("./file0", 0777) = 0 [pid 5951] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5951] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5951] chdir("./file0") = 0 [pid 5951] ioctl(4, LOOP_CLR_FD) = 0 [pid 5951] close(4) = 0 [pid 5951] exit_group(0) = ? [pid 5951] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5951, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./923", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./923", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./923/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./923/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./923/binderfs") = 0 umount2("./923/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./923/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./923/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./923/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./923/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./923/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./923") = 0 mkdir("./924", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5952 ./strace-static-x86_64: Process 5952 attached [pid 5952] chdir("./924") = 0 [pid 5952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5952] setpgid(0, 0) = 0 [pid 5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 120.522258][ T5951] loop0: detected capacity change from 0 to 4096 [ 120.531052][ T5951] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5952] write(3, "1000", 4) = 4 [pid 5952] close(3) = 0 [pid 5952] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5952] memfd_create("syzkaller", 0) = 3 [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5952] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5952] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5952] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5952] close(3) = 0 [pid 5952] mkdir("./file0", 0777) = 0 [pid 5952] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5952] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5952] chdir("./file0") = 0 [pid 5952] ioctl(4, LOOP_CLR_FD) = 0 [pid 5952] close(4) = 0 [pid 5952] exit_group(0) = ? [pid 5952] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5952, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./924", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./924", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./924/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./924/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./924/binderfs") = 0 umount2("./924/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./924/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./924/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./924/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./924/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./924/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./924") = 0 mkdir("./925", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5953 ./strace-static-x86_64: Process 5953 attached [pid 5953] chdir("./925") = 0 [pid 5953] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5953] setpgid(0, 0) = 0 [pid 5953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5953] write(3, "1000", 4) = 4 [pid 5953] close(3) = 0 [pid 5953] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5953] memfd_create("syzkaller", 0) = 3 [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 120.606641][ T5952] loop0: detected capacity change from 0 to 4096 [ 120.614892][ T5952] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5953] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5953] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5953] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5953] close(3) = 0 [pid 5953] mkdir("./file0", 0777) = 0 [pid 5953] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5953] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5953] chdir("./file0") = 0 [pid 5953] ioctl(4, LOOP_CLR_FD) = 0 [pid 5953] close(4) = 0 [pid 5953] exit_group(0) = ? [pid 5953] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5953, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./925", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./925", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./925/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./925/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./925/binderfs") = 0 umount2("./925/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./925/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./925/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./925/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./925/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./925/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./925") = 0 mkdir("./926", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5954 ./strace-static-x86_64: Process 5954 attached [pid 5954] chdir("./926") = 0 [pid 5954] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5954] setpgid(0, 0) = 0 [pid 5954] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 120.688520][ T5953] loop0: detected capacity change from 0 to 4096 [ 120.697551][ T5953] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5954] write(3, "1000", 4) = 4 [pid 5954] close(3) = 0 [pid 5954] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5954] memfd_create("syzkaller", 0) = 3 [pid 5954] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5954] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5954] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5954] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5954] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5954] close(3) = 0 [pid 5954] mkdir("./file0", 0777) = 0 [pid 5954] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5954] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5954] chdir("./file0") = 0 [pid 5954] ioctl(4, LOOP_CLR_FD) = 0 [pid 5954] close(4) = 0 [pid 5954] exit_group(0) = ? [pid 5954] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5954, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./926", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./926", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./926/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./926/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./926/binderfs") = 0 umount2("./926/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./926/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./926/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./926/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./926/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./926/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./926") = 0 mkdir("./927", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5955 ./strace-static-x86_64: Process 5955 attached [pid 5955] chdir("./927") = 0 [pid 5955] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5955] setpgid(0, 0) = 0 [pid 5955] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5955] write(3, "1000", 4) = 4 [pid 5955] close(3) = 0 [pid 5955] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5955] memfd_create("syzkaller", 0) = 3 [pid 5955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 120.772222][ T5954] loop0: detected capacity change from 0 to 4096 [ 120.780742][ T5954] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5955] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5955] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5955] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5955] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5955] close(3) = 0 [pid 5955] mkdir("./file0", 0777) = 0 [pid 5955] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5955] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5955] chdir("./file0") = 0 [pid 5955] ioctl(4, LOOP_CLR_FD) = 0 [pid 5955] close(4) = 0 [pid 5955] exit_group(0) = ? [pid 5955] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5955, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./927", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./927", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./927/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./927/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./927/binderfs") = 0 umount2("./927/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./927/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./927/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./927/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./927/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./927/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./927") = 0 mkdir("./928", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5956 ./strace-static-x86_64: Process 5956 attached [pid 5956] chdir("./928") = 0 [pid 5956] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5956] setpgid(0, 0) = 0 [pid 5956] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5956] write(3, "1000", 4) = 4 [pid 5956] close(3) = 0 [ 120.849427][ T5955] loop0: detected capacity change from 0 to 4096 [ 120.858207][ T5955] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5956] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5956] memfd_create("syzkaller", 0) = 3 [pid 5956] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5956] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5956] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5956] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5956] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5956] close(3) = 0 [pid 5956] mkdir("./file0", 0777) = 0 [pid 5956] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5956] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5956] chdir("./file0") = 0 [pid 5956] ioctl(4, LOOP_CLR_FD) = 0 [pid 5956] close(4) = 0 [pid 5956] exit_group(0) = ? [pid 5956] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5956, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./928", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./928", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./928/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./928/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./928/binderfs") = 0 umount2("./928/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./928/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./928/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./928/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./928/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./928/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./928") = 0 mkdir("./929", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5957 ./strace-static-x86_64: Process 5957 attached [pid 5957] chdir("./929") = 0 [pid 5957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5957] setpgid(0, 0) = 0 [pid 5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5957] write(3, "1000", 4) = 4 [pid 5957] close(3) = 0 [pid 5957] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5957] memfd_create("syzkaller", 0) = 3 [ 120.935253][ T5956] loop0: detected capacity change from 0 to 4096 [ 120.943824][ T5956] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5957] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5957] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5957] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5957] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5957] close(3) = 0 [pid 5957] mkdir("./file0", 0777) = 0 [pid 5957] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5957] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5957] chdir("./file0") = 0 [pid 5957] ioctl(4, LOOP_CLR_FD) = 0 [pid 5957] close(4) = 0 [pid 5957] exit_group(0) = ? [pid 5957] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5957, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./929", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./929", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./929/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./929/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./929/binderfs") = 0 umount2("./929/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./929/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./929/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./929/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./929/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./929/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./929") = 0 mkdir("./930", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5958 ./strace-static-x86_64: Process 5958 attached [pid 5958] chdir("./930") = 0 [pid 5958] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5958] setpgid(0, 0) = 0 [ 121.020056][ T5957] loop0: detected capacity change from 0 to 4096 [ 121.028006][ T5957] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5958] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5958] write(3, "1000", 4) = 4 [pid 5958] close(3) = 0 [pid 5958] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5958] memfd_create("syzkaller", 0) = 3 [pid 5958] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5958] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5958] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5958] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5958] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5958] close(3) = 0 [pid 5958] mkdir("./file0", 0777) = 0 [pid 5958] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5958] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5958] chdir("./file0") = 0 [pid 5958] ioctl(4, LOOP_CLR_FD) = 0 [pid 5958] close(4) = 0 [pid 5958] exit_group(0) = ? [pid 5958] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5958, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./930", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./930", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./930/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./930/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./930/binderfs") = 0 umount2("./930/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./930/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./930/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./930/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./930/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./930/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./930") = 0 mkdir("./931", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5959 ./strace-static-x86_64: Process 5959 attached [pid 5959] chdir("./931") = 0 [pid 5959] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5959] setpgid(0, 0) = 0 [pid 5959] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5959] write(3, "1000", 4) = 4 [pid 5959] close(3) = 0 [pid 5959] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5959] memfd_create("syzkaller", 0) = 3 [pid 5959] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 121.104237][ T5958] loop0: detected capacity change from 0 to 4096 [ 121.112619][ T5958] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5959] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5959] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5959] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5959] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5959] close(3) = 0 [pid 5959] mkdir("./file0", 0777) = 0 [pid 5959] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5959] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5959] chdir("./file0") = 0 [pid 5959] ioctl(4, LOOP_CLR_FD) = 0 [pid 5959] close(4) = 0 [pid 5959] exit_group(0) = ? [pid 5959] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5959, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./931", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./931", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./931/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./931/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./931/binderfs") = 0 umount2("./931/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./931/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./931/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./931/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./931/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./931/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./931") = 0 mkdir("./932", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5960 ./strace-static-x86_64: Process 5960 attached [pid 5960] chdir("./932") = 0 [pid 5960] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5960] setpgid(0, 0) = 0 [pid 5960] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5960] write(3, "1000", 4) = 4 [pid 5960] close(3) = 0 [pid 5960] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5960] memfd_create("syzkaller", 0) = 3 [pid 5960] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 121.186713][ T5959] loop0: detected capacity change from 0 to 4096 [ 121.195017][ T5959] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5960] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5960] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5960] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5960] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5960] close(3) = 0 [pid 5960] mkdir("./file0", 0777) = 0 [pid 5960] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5960] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5960] chdir("./file0") = 0 [pid 5960] ioctl(4, LOOP_CLR_FD) = 0 [pid 5960] close(4) = 0 [pid 5960] exit_group(0) = ? [pid 5960] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5960, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./932", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./932", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./932/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./932/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./932/binderfs") = 0 umount2("./932/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./932/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./932/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./932/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./932/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./932/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./932") = 0 mkdir("./933", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 121.267098][ T5960] loop0: detected capacity change from 0 to 4096 [ 121.275155][ T5960] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5961 ./strace-static-x86_64: Process 5961 attached [pid 5961] chdir("./933") = 0 [pid 5961] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5961] setpgid(0, 0) = 0 [pid 5961] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5961] write(3, "1000", 4) = 4 [pid 5961] close(3) = 0 [pid 5961] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5961] memfd_create("syzkaller", 0) = 3 [pid 5961] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5961] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5961] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5961] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5961] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5961] close(3) = 0 [pid 5961] mkdir("./file0", 0777) = 0 [pid 5961] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5961] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5961] chdir("./file0") = 0 [pid 5961] ioctl(4, LOOP_CLR_FD) = 0 [pid 5961] close(4) = 0 [pid 5961] exit_group(0) = ? [pid 5961] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5961, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./933", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./933", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./933/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./933/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./933/binderfs") = 0 umount2("./933/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./933/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./933/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./933/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./933/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./933/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./933") = 0 mkdir("./934", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5962 ./strace-static-x86_64: Process 5962 attached [pid 5962] chdir("./934") = 0 [pid 5962] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5962] setpgid(0, 0) = 0 [pid 5962] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5962] write(3, "1000", 4) = 4 [pid 5962] close(3) = 0 [pid 5962] symlink("/dev/binderfs", "./binderfs") = 0 [ 121.381076][ T5961] loop0: detected capacity change from 0 to 4096 [ 121.389689][ T5961] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5962] memfd_create("syzkaller", 0) = 3 [pid 5962] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5962] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5962] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5962] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5962] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5962] close(3) = 0 [pid 5962] mkdir("./file0", 0777) = 0 [pid 5962] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5962] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5962] chdir("./file0") = 0 [pid 5962] ioctl(4, LOOP_CLR_FD) = 0 [pid 5962] close(4) = 0 [pid 5962] exit_group(0) = ? [pid 5962] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5962, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./934", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./934", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./934/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./934/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./934/binderfs") = 0 umount2("./934/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./934/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./934/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./934/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./934/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./934/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./934") = 0 mkdir("./935", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5963 ./strace-static-x86_64: Process 5963 attached [pid 5963] chdir("./935") = 0 [pid 5963] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5963] setpgid(0, 0) = 0 [pid 5963] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5963] write(3, "1000", 4) = 4 [pid 5963] close(3) = 0 [pid 5963] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5963] memfd_create("syzkaller", 0) = 3 [pid 5963] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 121.460838][ T5962] loop0: detected capacity change from 0 to 4096 [ 121.470390][ T5962] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5963] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5963] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5963] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5963] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5963] close(3) = 0 [pid 5963] mkdir("./file0", 0777) = 0 [pid 5963] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5963] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5963] chdir("./file0") = 0 [pid 5963] ioctl(4, LOOP_CLR_FD) = 0 [pid 5963] close(4) = 0 [pid 5963] exit_group(0) = ? [pid 5963] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5963, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./935", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./935", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./935/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./935/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./935/binderfs") = 0 umount2("./935/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./935/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./935/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./935/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./935/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./935/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./935") = 0 mkdir("./936", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5964 ./strace-static-x86_64: Process 5964 attached [pid 5964] chdir("./936") = 0 [pid 5964] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5964] setpgid(0, 0) = 0 [pid 5964] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5964] write(3, "1000", 4) = 4 [pid 5964] close(3) = 0 [pid 5964] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5964] memfd_create("syzkaller", 0) = 3 [pid 5964] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 121.539333][ T5963] loop0: detected capacity change from 0 to 4096 [ 121.557389][ T5963] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5964] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5964] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5964] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5964] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5964] close(3) = 0 [pid 5964] mkdir("./file0", 0777) = 0 [pid 5964] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5964] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5964] chdir("./file0") = 0 [pid 5964] ioctl(4, LOOP_CLR_FD) = 0 [pid 5964] close(4) = 0 [pid 5964] exit_group(0) = ? [pid 5964] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5964, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./936", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./936", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./936/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./936/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./936/binderfs") = 0 umount2("./936/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./936/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./936/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./936/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./936/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./936/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./936") = 0 mkdir("./937", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5965 ./strace-static-x86_64: Process 5965 attached [pid 5965] chdir("./937") = 0 [ 121.623326][ T5964] loop0: detected capacity change from 0 to 4096 [ 121.631624][ T5964] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5965] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5965] setpgid(0, 0) = 0 [pid 5965] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5965] write(3, "1000", 4) = 4 [pid 5965] close(3) = 0 [pid 5965] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5965] memfd_create("syzkaller", 0) = 3 [pid 5965] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5965] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5965] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5965] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5965] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5965] close(3) = 0 [pid 5965] mkdir("./file0", 0777) = 0 [pid 5965] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5965] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5965] chdir("./file0") = 0 [pid 5965] ioctl(4, LOOP_CLR_FD) = 0 [pid 5965] close(4) = 0 [pid 5965] exit_group(0) = ? [pid 5965] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5965, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./937", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./937", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./937/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./937/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./937/binderfs") = 0 umount2("./937/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./937/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./937/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./937/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./937/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./937/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./937") = 0 mkdir("./938", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 121.710319][ T5965] loop0: detected capacity change from 0 to 4096 [ 121.718853][ T5965] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5966 ./strace-static-x86_64: Process 5966 attached [pid 5966] chdir("./938") = 0 [pid 5966] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5966] setpgid(0, 0) = 0 [pid 5966] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5966] write(3, "1000", 4) = 4 [pid 5966] close(3) = 0 [pid 5966] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5966] memfd_create("syzkaller", 0) = 3 [pid 5966] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5966] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5966] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5966] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5966] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5966] close(3) = 0 [pid 5966] mkdir("./file0", 0777) = 0 [pid 5966] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5966] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5966] chdir("./file0") = 0 [pid 5966] ioctl(4, LOOP_CLR_FD) = 0 [pid 5966] close(4) = 0 [pid 5966] exit_group(0) = ? [pid 5966] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5966, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./938", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./938", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./938/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./938/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./938/binderfs") = 0 umount2("./938/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./938/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./938/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./938/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./938/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./938/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./938") = 0 mkdir("./939", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5967 ./strace-static-x86_64: Process 5967 attached [pid 5967] chdir("./939") = 0 [pid 5967] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5967] setpgid(0, 0) = 0 [pid 5967] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5967] write(3, "1000", 4) = 4 [pid 5967] close(3) = 0 [pid 5967] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5967] memfd_create("syzkaller", 0) = 3 [pid 5967] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 121.798959][ T5966] loop0: detected capacity change from 0 to 4096 [ 121.807489][ T5966] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5967] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5967] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5967] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5967] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5967] close(3) = 0 [pid 5967] mkdir("./file0", 0777) = 0 [pid 5967] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5967] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5967] chdir("./file0") = 0 [pid 5967] ioctl(4, LOOP_CLR_FD) = 0 [pid 5967] close(4) = 0 [pid 5967] exit_group(0) = ? [pid 5967] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5967, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=0} --- umount2("./939", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./939", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./939/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./939/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./939/binderfs") = 0 umount2("./939/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./939/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./939/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./939/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./939/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./939/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./939") = 0 mkdir("./940", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5968 ./strace-static-x86_64: Process 5968 attached [pid 5968] chdir("./940") = 0 [pid 5968] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5968] setpgid(0, 0) = 0 [pid 5968] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5968] write(3, "1000", 4) = 4 [pid 5968] close(3) = 0 [pid 5968] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5968] memfd_create("syzkaller", 0) = 3 [pid 5968] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 121.877019][ T5967] loop0: detected capacity change from 0 to 4096 [ 121.885519][ T5967] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5968] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5968] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5968] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5968] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5968] close(3) = 0 [pid 5968] mkdir("./file0", 0777) = 0 [pid 5968] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5968] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5968] chdir("./file0") = 0 [pid 5968] ioctl(4, LOOP_CLR_FD) = 0 [pid 5968] close(4) = 0 [pid 5968] exit_group(0) = ? [pid 5968] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5968, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./940", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./940", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./940/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./940/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./940/binderfs") = 0 umount2("./940/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./940/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./940/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./940/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./940/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./940/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./940") = 0 mkdir("./941", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 121.949791][ T5968] loop0: detected capacity change from 0 to 4096 [ 121.957888][ T5968] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5969 ./strace-static-x86_64: Process 5969 attached [pid 5969] chdir("./941") = 0 [pid 5969] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5969] setpgid(0, 0) = 0 [pid 5969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5969] write(3, "1000", 4) = 4 [pid 5969] close(3) = 0 [pid 5969] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5969] memfd_create("syzkaller", 0) = 3 [pid 5969] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5969] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5969] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5969] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5969] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5969] close(3) = 0 [pid 5969] mkdir("./file0", 0777) = 0 [pid 5969] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5969] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5969] chdir("./file0") = 0 [pid 5969] ioctl(4, LOOP_CLR_FD) = 0 [pid 5969] close(4) = 0 [pid 5969] exit_group(0) = ? [pid 5969] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5969, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./941", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./941", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./941/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./941/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./941/binderfs") = 0 umount2("./941/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./941/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./941/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./941/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./941/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./941/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./941") = 0 mkdir("./942", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5970 ./strace-static-x86_64: Process 5970 attached [pid 5970] chdir("./942") = 0 [pid 5970] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5970] setpgid(0, 0) = 0 [pid 5970] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5970] write(3, "1000", 4) = 4 [pid 5970] close(3) = 0 [pid 5970] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5970] memfd_create("syzkaller", 0) = 3 [pid 5970] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 122.035722][ T5969] loop0: detected capacity change from 0 to 4096 [ 122.044564][ T5969] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5970] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5970] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5970] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5970] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5970] close(3) = 0 [pid 5970] mkdir("./file0", 0777) = 0 [pid 5970] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5970] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5970] chdir("./file0") = 0 [pid 5970] ioctl(4, LOOP_CLR_FD) = 0 [pid 5970] close(4) = 0 [pid 5970] exit_group(0) = ? [pid 5970] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5970, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./942", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./942", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./942/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./942/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./942/binderfs") = 0 umount2("./942/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./942/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./942/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./942/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./942/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./942/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./942") = 0 mkdir("./943", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5971 ./strace-static-x86_64: Process 5971 attached [pid 5971] chdir("./943") = 0 [pid 5971] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5971] setpgid(0, 0) = 0 [pid 5971] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5971] write(3, "1000", 4) = 4 [pid 5971] close(3) = 0 [pid 5971] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5971] memfd_create("syzkaller", 0) = 3 [pid 5971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 122.113105][ T5970] loop0: detected capacity change from 0 to 4096 [ 122.121461][ T5970] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5971] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5971] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5971] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5971] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5971] close(3) = 0 [pid 5971] mkdir("./file0", 0777) = 0 [pid 5971] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5971] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5971] chdir("./file0") = 0 [pid 5971] ioctl(4, LOOP_CLR_FD) = 0 [pid 5971] close(4) = 0 [pid 5971] exit_group(0) = ? [pid 5971] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5971, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./943", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./943", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./943/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./943/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./943/binderfs") = 0 umount2("./943/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./943/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./943/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./943/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./943/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./943/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./943") = 0 mkdir("./944", 0777) = 0 [ 122.191982][ T5971] loop0: detected capacity change from 0 to 4096 [ 122.200463][ T5971] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5972 ./strace-static-x86_64: Process 5972 attached [pid 5972] chdir("./944") = 0 [pid 5972] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5972] setpgid(0, 0) = 0 [pid 5972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5972] write(3, "1000", 4) = 4 [pid 5972] close(3) = 0 [pid 5972] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5972] memfd_create("syzkaller", 0) = 3 [pid 5972] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5972] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5972] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5972] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5972] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5972] close(3) = 0 [pid 5972] mkdir("./file0", 0777) = 0 [pid 5972] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5972] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5972] chdir("./file0") = 0 [pid 5972] ioctl(4, LOOP_CLR_FD) = 0 [pid 5972] close(4) = 0 [pid 5972] exit_group(0) = ? [pid 5972] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5972, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./944", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./944", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./944/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./944/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./944/binderfs") = 0 umount2("./944/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./944/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./944/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./944/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./944/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./944/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./944") = 0 mkdir("./945", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5973 ./strace-static-x86_64: Process 5973 attached [pid 5973] chdir("./945") = 0 [ 122.285740][ T5972] loop0: detected capacity change from 0 to 4096 [ 122.294085][ T5972] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5973] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5973] setpgid(0, 0) = 0 [pid 5973] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5973] write(3, "1000", 4) = 4 [pid 5973] close(3) = 0 [pid 5973] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5973] memfd_create("syzkaller", 0) = 3 [pid 5973] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5973] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5973] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5973] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5973] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5973] close(3) = 0 [pid 5973] mkdir("./file0", 0777) = 0 [pid 5973] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5973] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5973] chdir("./file0") = 0 [pid 5973] ioctl(4, LOOP_CLR_FD) = 0 [pid 5973] close(4) = 0 [pid 5973] exit_group(0) = ? [pid 5973] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5973, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./945", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./945", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./945/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./945/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./945/binderfs") = 0 umount2("./945/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./945/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./945/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./945/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./945/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./945/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./945") = 0 mkdir("./946", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 122.373130][ T5973] loop0: detected capacity change from 0 to 4096 [ 122.381387][ T5973] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5974 ./strace-static-x86_64: Process 5974 attached [pid 5974] chdir("./946") = 0 [pid 5974] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5974] setpgid(0, 0) = 0 [pid 5974] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5974] write(3, "1000", 4) = 4 [pid 5974] close(3) = 0 [pid 5974] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5974] memfd_create("syzkaller", 0) = 3 [pid 5974] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5974] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5974] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5974] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5974] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5974] close(3) = 0 [pid 5974] mkdir("./file0", 0777) = 0 [pid 5974] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5974] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5974] chdir("./file0") = 0 [pid 5974] ioctl(4, LOOP_CLR_FD) = 0 [pid 5974] close(4) = 0 [pid 5974] exit_group(0) = ? [pid 5974] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5974, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./946", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./946", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./946/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./946/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./946/binderfs") = 0 umount2("./946/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./946/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./946/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./946/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./946/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./946/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./946") = 0 [ 122.462494][ T5974] loop0: detected capacity change from 0 to 4096 [ 122.471466][ T5974] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./947", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5975 ./strace-static-x86_64: Process 5975 attached [pid 5975] chdir("./947") = 0 [pid 5975] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5975] setpgid(0, 0) = 0 [pid 5975] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5975] write(3, "1000", 4) = 4 [pid 5975] close(3) = 0 [pid 5975] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5975] memfd_create("syzkaller", 0) = 3 [pid 5975] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5975] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5975] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5975] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5975] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5975] close(3) = 0 [pid 5975] mkdir("./file0", 0777) = 0 [pid 5975] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5975] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5975] chdir("./file0") = 0 [pid 5975] ioctl(4, LOOP_CLR_FD) = 0 [pid 5975] close(4) = 0 [pid 5975] exit_group(0) = ? [pid 5975] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5975, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./947", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./947", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./947/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./947/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./947/binderfs") = 0 umount2("./947/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./947/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./947/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./947/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./947/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./947/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./947") = 0 mkdir("./948", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5976 ./strace-static-x86_64: Process 5976 attached [pid 5976] chdir("./948") = 0 [pid 5976] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5976] setpgid(0, 0) = 0 [pid 5976] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5976] write(3, "1000", 4) = 4 [pid 5976] close(3) = 0 [pid 5976] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5976] memfd_create("syzkaller", 0) = 3 [pid 5976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 122.555653][ T5975] loop0: detected capacity change from 0 to 4096 [ 122.564091][ T5975] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5976] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5976] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5976] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5976] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5976] close(3) = 0 [pid 5976] mkdir("./file0", 0777) = 0 [pid 5976] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5976] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5976] chdir("./file0") = 0 [pid 5976] ioctl(4, LOOP_CLR_FD) = 0 [pid 5976] close(4) = 0 [pid 5976] exit_group(0) = ? [pid 5976] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5976, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./948", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./948", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./948/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./948/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./948/binderfs") = 0 umount2("./948/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./948/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./948/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./948/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./948/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./948/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./948") = 0 mkdir("./949", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5977 ./strace-static-x86_64: Process 5977 attached [pid 5977] chdir("./949") = 0 [pid 5977] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5977] setpgid(0, 0) = 0 [pid 5977] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5977] write(3, "1000", 4) = 4 [pid 5977] close(3) = 0 [pid 5977] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5977] memfd_create("syzkaller", 0) = 3 [pid 5977] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 122.640120][ T5976] loop0: detected capacity change from 0 to 4096 [ 122.648396][ T5976] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5977] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5977] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5977] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5977] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5977] close(3) = 0 [pid 5977] mkdir("./file0", 0777) = 0 [pid 5977] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5977] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5977] chdir("./file0") = 0 [pid 5977] ioctl(4, LOOP_CLR_FD) = 0 [pid 5977] close(4) = 0 [pid 5977] exit_group(0) = ? [pid 5977] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5977, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./949", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./949", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./949/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./949/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./949/binderfs") = 0 umount2("./949/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./949/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./949/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./949/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./949/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./949/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./949") = 0 mkdir("./950", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5978 ./strace-static-x86_64: Process 5978 attached [pid 5978] chdir("./950") = 0 [pid 5978] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5978] setpgid(0, 0) = 0 [pid 5978] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5978] write(3, "1000", 4) = 4 [pid 5978] close(3) = 0 [pid 5978] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5978] memfd_create("syzkaller", 0) = 3 [pid 5978] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 122.718617][ T5977] loop0: detected capacity change from 0 to 4096 [ 122.727342][ T5977] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5978] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5978] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5978] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5978] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5978] close(3) = 0 [pid 5978] mkdir("./file0", 0777) = 0 [pid 5978] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5978] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5978] chdir("./file0") = 0 [pid 5978] ioctl(4, LOOP_CLR_FD) = 0 [pid 5978] close(4) = 0 [pid 5978] exit_group(0) = ? [pid 5978] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5978, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./950", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./950", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./950/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./950/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./950/binderfs") = 0 umount2("./950/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./950/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./950/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./950/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./950/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./950/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./950") = 0 mkdir("./951", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5979 ./strace-static-x86_64: Process 5979 attached [ 122.800478][ T5978] loop0: detected capacity change from 0 to 4096 [ 122.808925][ T5978] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5979] chdir("./951") = 0 [pid 5979] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5979] setpgid(0, 0) = 0 [pid 5979] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5979] write(3, "1000", 4) = 4 [pid 5979] close(3) = 0 [pid 5979] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5979] memfd_create("syzkaller", 0) = 3 [pid 5979] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5979] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5979] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5979] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5979] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5979] close(3) = 0 [pid 5979] mkdir("./file0", 0777) = 0 [pid 5979] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5979] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5979] chdir("./file0") = 0 [pid 5979] ioctl(4, LOOP_CLR_FD) = 0 [pid 5979] close(4) = 0 [pid 5979] exit_group(0) = ? [pid 5979] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5979, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./951", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./951", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./951/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./951/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./951/binderfs") = 0 umount2("./951/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./951/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./951/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./951/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./951/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./951/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./951") = 0 mkdir("./952", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5980 attached , child_tidptr=0x5555568435d0) = 5980 [pid 5980] chdir("./952") = 0 [pid 5980] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5980] setpgid(0, 0) = 0 [pid 5980] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5980] write(3, "1000", 4) = 4 [pid 5980] close(3) = 0 [pid 5980] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5980] memfd_create("syzkaller", 0) = 3 [pid 5980] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 122.887471][ T5979] loop0: detected capacity change from 0 to 4096 [ 122.895893][ T5979] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5980] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5980] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5980] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5980] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5980] close(3) = 0 [pid 5980] mkdir("./file0", 0777) = 0 [pid 5980] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5980] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5980] chdir("./file0") = 0 [pid 5980] ioctl(4, LOOP_CLR_FD) = 0 [pid 5980] close(4) = 0 [pid 5980] exit_group(0) = ? [pid 5980] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5980, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./952", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./952", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./952/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./952/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./952/binderfs") = 0 umount2("./952/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./952/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./952/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./952/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./952/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./952/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./952") = 0 mkdir("./953", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5981 [ 122.962004][ T5980] loop0: detected capacity change from 0 to 4096 [ 122.971194][ T5980] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 5981 attached [pid 5981] chdir("./953") = 0 [pid 5981] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5981] setpgid(0, 0) = 0 [pid 5981] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5981] write(3, "1000", 4) = 4 [pid 5981] close(3) = 0 [pid 5981] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5981] memfd_create("syzkaller", 0) = 3 [pid 5981] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5981] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5981] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5981] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5981] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5981] close(3) = 0 [pid 5981] mkdir("./file0", 0777) = 0 [pid 5981] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5981] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5981] chdir("./file0") = 0 [pid 5981] ioctl(4, LOOP_CLR_FD) = 0 [pid 5981] close(4) = 0 [pid 5981] exit_group(0) = ? [pid 5981] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5981, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./953", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./953", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./953/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./953/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./953/binderfs") = 0 umount2("./953/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./953/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./953/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./953/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./953/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./953/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./953") = 0 mkdir("./954", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5982 ./strace-static-x86_64: Process 5982 attached [pid 5982] chdir("./954") = 0 [pid 5982] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5982] setpgid(0, 0) = 0 [pid 5982] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5982] write(3, "1000", 4) = 4 [pid 5982] close(3) = 0 [pid 5982] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5982] memfd_create("syzkaller", 0) = 3 [pid 5982] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 123.049274][ T5981] loop0: detected capacity change from 0 to 4096 [ 123.057731][ T5981] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5982] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5982] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5982] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5982] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5982] close(3) = 0 [pid 5982] mkdir("./file0", 0777) = 0 [pid 5982] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5982] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5982] chdir("./file0") = 0 [pid 5982] ioctl(4, LOOP_CLR_FD) = 0 [pid 5982] close(4) = 0 [pid 5982] exit_group(0) = ? [pid 5982] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5982, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./954", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./954", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./954/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./954/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./954/binderfs") = 0 umount2("./954/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./954/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./954/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./954/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./954/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./954/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./954") = 0 mkdir("./955", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5983 ./strace-static-x86_64: Process 5983 attached [pid 5983] chdir("./955") = 0 [pid 5983] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5983] setpgid(0, 0) = 0 [pid 5983] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5983] write(3, "1000", 4) = 4 [pid 5983] close(3) = 0 [pid 5983] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5983] memfd_create("syzkaller", 0) = 3 [pid 5983] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 123.126237][ T5982] loop0: detected capacity change from 0 to 4096 [ 123.134440][ T5982] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5983] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5983] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5983] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5983] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5983] close(3) = 0 [pid 5983] mkdir("./file0", 0777) = 0 [pid 5983] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5983] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5983] chdir("./file0") = 0 [pid 5983] ioctl(4, LOOP_CLR_FD) = 0 [pid 5983] close(4) = 0 [pid 5983] exit_group(0) = ? [pid 5983] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5983, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./955", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./955", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./955/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./955/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./955/binderfs") = 0 umount2("./955/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./955/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./955/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./955/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./955/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./955/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./955") = 0 mkdir("./956", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5984 ./strace-static-x86_64: Process 5984 attached [pid 5984] chdir("./956") = 0 [pid 5984] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5984] setpgid(0, 0) = 0 [pid 5984] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5984] write(3, "1000", 4) = 4 [pid 5984] close(3) = 0 [pid 5984] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5984] memfd_create("syzkaller", 0) = 3 [pid 5984] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 123.208979][ T5983] loop0: detected capacity change from 0 to 4096 [ 123.217433][ T5983] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5984] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5984] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5984] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5984] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5984] close(3) = 0 [pid 5984] mkdir("./file0", 0777) = 0 [pid 5984] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5984] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5984] chdir("./file0") = 0 [pid 5984] ioctl(4, LOOP_CLR_FD) = 0 [pid 5984] close(4) = 0 [pid 5984] exit_group(0) = ? [pid 5984] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5984, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./956", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./956", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./956/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./956/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./956/binderfs") = 0 umount2("./956/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./956/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./956/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./956/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./956/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./956/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./956") = 0 mkdir("./957", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5985 ./strace-static-x86_64: Process 5985 attached [pid 5985] chdir("./957") = 0 [ 123.283863][ T5984] loop0: detected capacity change from 0 to 4096 [ 123.292471][ T5984] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5985] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5985] setpgid(0, 0) = 0 [pid 5985] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5985] write(3, "1000", 4) = 4 [pid 5985] close(3) = 0 [pid 5985] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5985] memfd_create("syzkaller", 0) = 3 [pid 5985] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5985] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5985] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5985] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5985] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5985] close(3) = 0 [pid 5985] mkdir("./file0", 0777) = 0 [pid 5985] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5985] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5985] chdir("./file0") = 0 [pid 5985] ioctl(4, LOOP_CLR_FD) = 0 [pid 5985] close(4) = 0 [pid 5985] exit_group(0) = ? [pid 5985] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5985, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./957", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./957", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./957/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./957/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./957/binderfs") = 0 umount2("./957/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./957/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./957/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./957/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./957/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./957/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./957") = 0 mkdir("./958", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 123.368491][ T5985] loop0: detected capacity change from 0 to 4096 [ 123.377207][ T5985] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5986 ./strace-static-x86_64: Process 5986 attached [pid 5986] chdir("./958") = 0 [pid 5986] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5986] setpgid(0, 0) = 0 [pid 5986] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5986] write(3, "1000", 4) = 4 [pid 5986] close(3) = 0 [pid 5986] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5986] memfd_create("syzkaller", 0) = 3 [pid 5986] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5986] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5986] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5986] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5986] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5986] close(3) = 0 [pid 5986] mkdir("./file0", 0777) = 0 [pid 5986] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5986] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5986] chdir("./file0") = 0 [pid 5986] ioctl(4, LOOP_CLR_FD) = 0 [pid 5986] close(4) = 0 [pid 5986] exit_group(0) = ? [pid 5986] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5986, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./958", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./958", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./958/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./958/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./958/binderfs") = 0 umount2("./958/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./958/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./958/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./958/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./958/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./958/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./958") = 0 mkdir("./959", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5987 ./strace-static-x86_64: Process 5987 attached [pid 5987] chdir("./959") = 0 [pid 5987] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5987] setpgid(0, 0) = 0 [pid 5987] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5987] write(3, "1000", 4) = 4 [pid 5987] close(3) = 0 [ 123.455352][ T5986] loop0: detected capacity change from 0 to 4096 [ 123.463704][ T5986] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5987] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5987] memfd_create("syzkaller", 0) = 3 [pid 5987] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5987] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5987] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5987] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5987] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5987] close(3) = 0 [pid 5987] mkdir("./file0", 0777) = 0 [pid 5987] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5987] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5987] chdir("./file0") = 0 [pid 5987] ioctl(4, LOOP_CLR_FD) = 0 [pid 5987] close(4) = 0 [pid 5987] exit_group(0) = ? [pid 5987] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5987, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./959", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./959", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./959/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./959/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./959/binderfs") = 0 umount2("./959/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./959/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./959/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./959/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./959/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./959/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./959") = 0 mkdir("./960", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5988 ./strace-static-x86_64: Process 5988 attached [pid 5988] chdir("./960") = 0 [pid 5988] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5988] setpgid(0, 0) = 0 [pid 5988] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5988] write(3, "1000", 4) = 4 [pid 5988] close(3) = 0 [pid 5988] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5988] memfd_create("syzkaller", 0) = 3 [ 123.536633][ T5987] loop0: detected capacity change from 0 to 4096 [ 123.544796][ T5987] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5988] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5988] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5988] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5988] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5988] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5988] close(3) = 0 [pid 5988] mkdir("./file0", 0777) = 0 [pid 5988] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5988] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5988] chdir("./file0") = 0 [pid 5988] ioctl(4, LOOP_CLR_FD) = 0 [pid 5988] close(4) = 0 [pid 5988] exit_group(0) = ? [pid 5988] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5988, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./960", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./960", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./960/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./960/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./960/binderfs") = 0 umount2("./960/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./960/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./960/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./960/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./960/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./960/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./960") = 0 mkdir("./961", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5989 [ 123.621283][ T5988] loop0: detected capacity change from 0 to 4096 [ 123.629489][ T5988] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 5989 attached [pid 5989] chdir("./961") = 0 [pid 5989] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5989] setpgid(0, 0) = 0 [pid 5989] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5989] write(3, "1000", 4) = 4 [pid 5989] close(3) = 0 [pid 5989] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5989] memfd_create("syzkaller", 0) = 3 [pid 5989] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5989] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5989] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5989] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5989] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5989] close(3) = 0 [pid 5989] mkdir("./file0", 0777) = 0 [pid 5989] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5989] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5989] chdir("./file0") = 0 [pid 5989] ioctl(4, LOOP_CLR_FD) = 0 [pid 5989] close(4) = 0 [pid 5989] exit_group(0) = ? [pid 5989] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5989, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./961", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./961", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./961/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./961/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./961/binderfs") = 0 umount2("./961/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./961/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./961/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./961/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./961/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./961/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./961") = 0 mkdir("./962", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5990 attached , child_tidptr=0x5555568435d0) = 5990 [pid 5990] chdir("./962") = 0 [pid 5990] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5990] setpgid(0, 0) = 0 [pid 5990] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5990] write(3, "1000", 4) = 4 [pid 5990] close(3) = 0 [pid 5990] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5990] memfd_create("syzkaller", 0) = 3 [pid 5990] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 123.710043][ T5989] loop0: detected capacity change from 0 to 4096 [ 123.718060][ T5989] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5990] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5990] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5990] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5990] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5990] close(3) = 0 [pid 5990] mkdir("./file0", 0777) = 0 [pid 5990] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5990] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5990] chdir("./file0") = 0 [pid 5990] ioctl(4, LOOP_CLR_FD) = 0 [pid 5990] close(4) = 0 [pid 5990] exit_group(0) = ? [pid 5990] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5990, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./962", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./962", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./962/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./962/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./962/binderfs") = 0 umount2("./962/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./962/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./962/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./962/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./962/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./962/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./962") = 0 mkdir("./963", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5991 ./strace-static-x86_64: Process 5991 attached [pid 5991] chdir("./963") = 0 [pid 5991] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5991] setpgid(0, 0) = 0 [pid 5991] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5991] write(3, "1000", 4) = 4 [pid 5991] close(3) = 0 [pid 5991] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5991] memfd_create("syzkaller", 0) = 3 [ 123.796060][ T5990] loop0: detected capacity change from 0 to 4096 [ 123.804993][ T5990] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5991] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5991] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5991] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5991] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5991] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5991] close(3) = 0 [pid 5991] mkdir("./file0", 0777) = 0 [pid 5991] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5991] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5991] chdir("./file0") = 0 [pid 5991] ioctl(4, LOOP_CLR_FD) = 0 [pid 5991] close(4) = 0 [pid 5991] exit_group(0) = ? [pid 5991] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5991, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./963", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./963", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./963/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./963/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./963/binderfs") = 0 umount2("./963/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./963/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./963/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./963/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./963/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./963/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./963") = 0 mkdir("./964", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5992 ./strace-static-x86_64: Process 5992 attached [pid 5992] chdir("./964") = 0 [pid 5992] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5992] setpgid(0, 0) = 0 [pid 5992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5992] write(3, "1000", 4) = 4 [pid 5992] close(3) = 0 [pid 5992] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5992] memfd_create("syzkaller", 0) = 3 [pid 5992] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 123.877869][ T5991] loop0: detected capacity change from 0 to 4096 [ 123.886709][ T5991] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5992] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5992] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5992] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5992] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5992] close(3) = 0 [pid 5992] mkdir("./file0", 0777) = 0 [pid 5992] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5992] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5992] chdir("./file0") = 0 [pid 5992] ioctl(4, LOOP_CLR_FD) = 0 [pid 5992] close(4) = 0 [pid 5992] exit_group(0) = ? [pid 5992] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5992, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./964", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./964", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./964/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./964/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./964/binderfs") = 0 umount2("./964/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./964/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./964/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./964/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./964/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./964/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./964") = 0 mkdir("./965", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5993 ./strace-static-x86_64: Process 5993 attached [ 123.964273][ T5992] loop0: detected capacity change from 0 to 4096 [ 123.972697][ T5992] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5993] chdir("./965") = 0 [pid 5993] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5993] setpgid(0, 0) = 0 [pid 5993] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5993] write(3, "1000", 4) = 4 [pid 5993] close(3) = 0 [pid 5993] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5993] memfd_create("syzkaller", 0) = 3 [pid 5993] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5993] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5993] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5993] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5993] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5993] close(3) = 0 [pid 5993] mkdir("./file0", 0777) = 0 [pid 5993] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5993] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5993] chdir("./file0") = 0 [pid 5993] ioctl(4, LOOP_CLR_FD) = 0 [pid 5993] close(4) = 0 [pid 5993] exit_group(0) = ? [pid 5993] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5993, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./965", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./965", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./965/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./965/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./965/binderfs") = 0 umount2("./965/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./965/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./965/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./965/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./965/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./965/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./965") = 0 mkdir("./966", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 124.050219][ T5993] loop0: detected capacity change from 0 to 4096 [ 124.058862][ T5993] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5994 ./strace-static-x86_64: Process 5994 attached [pid 5994] chdir("./966") = 0 [pid 5994] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5994] setpgid(0, 0) = 0 [pid 5994] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5994] write(3, "1000", 4) = 4 [pid 5994] close(3) = 0 [pid 5994] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5994] memfd_create("syzkaller", 0) = 3 [pid 5994] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5994] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5994] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5994] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5994] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5994] close(3) = 0 [pid 5994] mkdir("./file0", 0777) = 0 [pid 5994] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5994] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5994] chdir("./file0") = 0 [pid 5994] ioctl(4, LOOP_CLR_FD) = 0 [pid 5994] close(4) = 0 [pid 5994] exit_group(0) = ? [pid 5994] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5994, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./966", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./966", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./966/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./966/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./966/binderfs") = 0 umount2("./966/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./966/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./966/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./966/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./966/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./966/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./966") = 0 mkdir("./967", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5995 ./strace-static-x86_64: Process 5995 attached [pid 5995] chdir("./967") = 0 [pid 5995] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5995] setpgid(0, 0) = 0 [pid 5995] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5995] write(3, "1000", 4) = 4 [pid 5995] close(3) = 0 [pid 5995] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5995] memfd_create("syzkaller", 0) = 3 [pid 5995] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 124.132891][ T5994] loop0: detected capacity change from 0 to 4096 [ 124.141138][ T5994] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5995] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5995] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5995] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5995] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5995] close(3) = 0 [pid 5995] mkdir("./file0", 0777) = 0 [pid 5995] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5995] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5995] chdir("./file0") = 0 [pid 5995] ioctl(4, LOOP_CLR_FD) = 0 [pid 5995] close(4) = 0 [pid 5995] exit_group(0) = ? [pid 5995] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5995, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./967", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./967", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./967/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./967/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./967/binderfs") = 0 umount2("./967/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./967/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./967/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./967/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./967/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./967/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./967") = 0 mkdir("./968", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5996 ./strace-static-x86_64: Process 5996 attached [pid 5996] chdir("./968") = 0 [pid 5996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5996] setpgid(0, 0) = 0 [pid 5996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5996] write(3, "1000", 4) = 4 [pid 5996] close(3) = 0 [pid 5996] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5996] memfd_create("syzkaller", 0) = 3 [pid 5996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 124.210599][ T5995] loop0: detected capacity change from 0 to 4096 [ 124.219071][ T5995] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5996] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5996] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5996] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5996] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5996] close(3) = 0 [pid 5996] mkdir("./file0", 0777) = 0 [pid 5996] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5996] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5996] chdir("./file0") = 0 [pid 5996] ioctl(4, LOOP_CLR_FD) = 0 [pid 5996] close(4) = 0 [pid 5996] exit_group(0) = ? [pid 5996] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5996, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- umount2("./968", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./968", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./968/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./968/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./968/binderfs") = 0 umount2("./968/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./968/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./968/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./968/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./968/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./968/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./968") = 0 mkdir("./969", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5997 attached , child_tidptr=0x5555568435d0) = 5997 [pid 5997] chdir("./969") = 0 [pid 5997] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5997] setpgid(0, 0) = 0 [pid 5997] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5997] write(3, "1000", 4) = 4 [pid 5997] close(3) = 0 [pid 5997] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5997] memfd_create("syzkaller", 0) = 3 [ 124.282043][ T5996] loop0: detected capacity change from 0 to 4096 [ 124.290475][ T5996] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5997] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5997] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5997] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5997] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5997] close(3) = 0 [pid 5997] mkdir("./file0", 0777) = 0 [pid 5997] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5997] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5997] chdir("./file0") = 0 [pid 5997] ioctl(4, LOOP_CLR_FD) = 0 [pid 5997] close(4) = 0 [pid 5997] exit_group(0) = ? [pid 5997] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5997, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./969", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./969", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./969/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./969/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./969/binderfs") = 0 umount2("./969/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./969/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./969/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./969/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./969/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./969/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./969") = 0 mkdir("./970", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5998 attached , child_tidptr=0x5555568435d0) = 5998 [pid 5998] chdir("./970") = 0 [pid 5998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5998] setpgid(0, 0) = 0 [pid 5998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5998] write(3, "1000", 4) = 4 [pid 5998] close(3) = 0 [pid 5998] symlink("/dev/binderfs", "./binderfs") = 0 [ 124.366929][ T5997] loop0: detected capacity change from 0 to 4096 [ 124.374816][ T5997] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5998] memfd_create("syzkaller", 0) = 3 [pid 5998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5998] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5998] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5998] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5998] close(3) = 0 [pid 5998] mkdir("./file0", 0777) = 0 [pid 5998] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5998] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5998] chdir("./file0") = 0 [pid 5998] ioctl(4, LOOP_CLR_FD) = 0 [pid 5998] close(4) = 0 [pid 5998] exit_group(0) = ? [pid 5998] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5998, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./970", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./970", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./970/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./970/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./970/binderfs") = 0 umount2("./970/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./970/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./970/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./970/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./970/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./970/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 124.449502][ T5998] loop0: detected capacity change from 0 to 4096 [ 124.457782][ T5998] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./970") = 0 mkdir("./971", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 5999 ./strace-static-x86_64: Process 5999 attached [pid 5999] chdir("./971") = 0 [pid 5999] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5999] setpgid(0, 0) = 0 [pid 5999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5999] write(3, "1000", 4) = 4 [pid 5999] close(3) = 0 [pid 5999] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5999] memfd_create("syzkaller", 0) = 3 [pid 5999] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5999] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5999] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 5999] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5999] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5999] close(3) = 0 [pid 5999] mkdir("./file0", 0777) = 0 [pid 5999] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 5999] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5999] chdir("./file0") = 0 [pid 5999] ioctl(4, LOOP_CLR_FD) = 0 [pid 5999] close(4) = 0 [pid 5999] exit_group(0) = ? [pid 5999] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5999, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./971", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./971", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./971/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./971/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./971/binderfs") = 0 umount2("./971/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./971/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./971/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./971/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./971/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./971/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./971") = 0 mkdir("./972", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6000 attached , child_tidptr=0x5555568435d0) = 6000 [pid 6000] chdir("./972") = 0 [pid 6000] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6000] setpgid(0, 0) = 0 [pid 6000] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6000] write(3, "1000", 4) = 4 [pid 6000] close(3) = 0 [pid 6000] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6000] memfd_create("syzkaller", 0) = 3 [pid 6000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 124.545030][ T5999] loop0: detected capacity change from 0 to 4096 [ 124.553459][ T5999] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6000] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6000] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6000] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6000] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6000] close(3) = 0 [pid 6000] mkdir("./file0", 0777) = 0 [pid 6000] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6000] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6000] chdir("./file0") = 0 [pid 6000] ioctl(4, LOOP_CLR_FD) = 0 [pid 6000] close(4) = 0 [pid 6000] exit_group(0) = ? [pid 6000] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6000, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- umount2("./972", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./972", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./972/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./972/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./972/binderfs") = 0 umount2("./972/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./972/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./972/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./972/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./972/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./972/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./972") = 0 mkdir("./973", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6001 ./strace-static-x86_64: Process 6001 attached [pid 6001] chdir("./973") = 0 [pid 6001] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6001] setpgid(0, 0) = 0 [pid 6001] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6001] write(3, "1000", 4) = 4 [pid 6001] close(3) = 0 [pid 6001] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6001] memfd_create("syzkaller", 0) = 3 [pid 6001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 124.626360][ T6000] loop0: detected capacity change from 0 to 4096 [ 124.635069][ T6000] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6001] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6001] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6001] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6001] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6001] close(3) = 0 [pid 6001] mkdir("./file0", 0777) = 0 [pid 6001] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6001] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6001] chdir("./file0") = 0 [pid 6001] ioctl(4, LOOP_CLR_FD) = 0 [pid 6001] close(4) = 0 [pid 6001] exit_group(0) = ? [pid 6001] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6001, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./973", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./973", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./973/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./973/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./973/binderfs") = 0 umount2("./973/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./973/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./973/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./973/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./973/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./973/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./973") = 0 mkdir("./974", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6002 ./strace-static-x86_64: Process 6002 attached [pid 6002] chdir("./974") = 0 [pid 6002] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6002] setpgid(0, 0) = 0 [pid 6002] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6002] write(3, "1000", 4) = 4 [pid 6002] close(3) = 0 [pid 6002] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6002] memfd_create("syzkaller", 0) = 3 [pid 6002] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 124.706885][ T6001] loop0: detected capacity change from 0 to 4096 [ 124.715477][ T6001] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6002] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6002] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6002] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6002] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6002] close(3) = 0 [pid 6002] mkdir("./file0", 0777) = 0 [pid 6002] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6002] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6002] chdir("./file0") = 0 [pid 6002] ioctl(4, LOOP_CLR_FD) = 0 [pid 6002] close(4) = 0 [pid 6002] exit_group(0) = ? [pid 6002] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6002, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./974", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./974", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./974/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./974/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./974/binderfs") = 0 umount2("./974/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./974/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./974/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./974/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./974/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./974/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./974") = 0 mkdir("./975", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6003 ./strace-static-x86_64: Process 6003 attached [pid 6003] chdir("./975") = 0 [pid 6003] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6003] setpgid(0, 0) = 0 [pid 6003] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6003] write(3, "1000", 4) = 4 [pid 6003] close(3) = 0 [pid 6003] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6003] memfd_create("syzkaller", 0) = 3 [pid 6003] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 124.789175][ T6002] loop0: detected capacity change from 0 to 4096 [ 124.797541][ T6002] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6003] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6003] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6003] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6003] close(3) = 0 [pid 6003] mkdir("./file0", 0777) = 0 [pid 6003] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6003] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6003] chdir("./file0") = 0 [pid 6003] ioctl(4, LOOP_CLR_FD) = 0 [pid 6003] close(4) = 0 [pid 6003] exit_group(0) = ? [pid 6003] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6003, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./975", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./975", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./975/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./975/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./975/binderfs") = 0 umount2("./975/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./975/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./975/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./975/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./975/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./975/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./975") = 0 mkdir("./976", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 124.868744][ T6003] loop0: detected capacity change from 0 to 4096 [ 124.877160][ T6003] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6004 attached , child_tidptr=0x5555568435d0) = 6004 [pid 6004] chdir("./976") = 0 [pid 6004] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6004] setpgid(0, 0) = 0 [pid 6004] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6004] write(3, "1000", 4) = 4 [pid 6004] close(3) = 0 [pid 6004] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6004] memfd_create("syzkaller", 0) = 3 [pid 6004] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6004] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6004] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6004] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6004] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6004] close(3) = 0 [pid 6004] mkdir("./file0", 0777) = 0 [pid 6004] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6004] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6004] chdir("./file0") = 0 [pid 6004] ioctl(4, LOOP_CLR_FD) = 0 [pid 6004] close(4) = 0 [pid 6004] exit_group(0) = ? [pid 6004] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6004, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./976", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./976", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./976/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./976/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./976/binderfs") = 0 umount2("./976/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./976/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./976/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./976/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./976/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./976/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./976") = 0 mkdir("./977", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6005 attached , child_tidptr=0x5555568435d0) = 6005 [pid 6005] chdir("./977") = 0 [pid 6005] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6005] setpgid(0, 0) = 0 [pid 6005] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 124.955179][ T6004] loop0: detected capacity change from 0 to 4096 [ 124.963222][ T6004] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6005] write(3, "1000", 4) = 4 [pid 6005] close(3) = 0 [pid 6005] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6005] memfd_create("syzkaller", 0) = 3 [pid 6005] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6005] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6005] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6005] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6005] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6005] close(3) = 0 [pid 6005] mkdir("./file0", 0777) = 0 [pid 6005] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6005] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6005] chdir("./file0") = 0 [pid 6005] ioctl(4, LOOP_CLR_FD) = 0 [pid 6005] close(4) = 0 [pid 6005] exit_group(0) = ? [pid 6005] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6005, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./977", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./977", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./977/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./977/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./977/binderfs") = 0 umount2("./977/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./977/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./977/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./977/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./977/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./977/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./977") = 0 mkdir("./978", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 125.035184][ T6005] loop0: detected capacity change from 0 to 4096 [ 125.043633][ T6005] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6006 ./strace-static-x86_64: Process 6006 attached [pid 6006] chdir("./978") = 0 [pid 6006] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6006] setpgid(0, 0) = 0 [pid 6006] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6006] write(3, "1000", 4) = 4 [pid 6006] close(3) = 0 [pid 6006] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6006] memfd_create("syzkaller", 0) = 3 [pid 6006] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6006] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6006] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6006] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6006] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6006] close(3) = 0 [pid 6006] mkdir("./file0", 0777) = 0 [pid 6006] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6006] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6006] chdir("./file0") = 0 [pid 6006] ioctl(4, LOOP_CLR_FD) = 0 [pid 6006] close(4) = 0 [pid 6006] exit_group(0) = ? [pid 6006] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6006, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./978", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./978", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./978/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./978/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./978/binderfs") = 0 umount2("./978/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./978/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./978/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./978/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./978/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./978/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./978") = 0 mkdir("./979", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6007 ./strace-static-x86_64: Process 6007 attached [pid 6007] chdir("./979") = 0 [pid 6007] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6007] setpgid(0, 0) = 0 [pid 6007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6007] write(3, "1000", 4) = 4 [pid 6007] close(3) = 0 [pid 6007] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6007] memfd_create("syzkaller", 0) = 3 [pid 6007] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 125.119299][ T6006] loop0: detected capacity change from 0 to 4096 [ 125.128151][ T6006] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6007] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6007] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6007] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6007] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6007] close(3) = 0 [pid 6007] mkdir("./file0", 0777) = 0 [pid 6007] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6007] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6007] chdir("./file0") = 0 [pid 6007] ioctl(4, LOOP_CLR_FD) = 0 [pid 6007] close(4) = 0 [pid 6007] exit_group(0) = ? [pid 6007] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6007, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- umount2("./979", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./979", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./979/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./979/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./979/binderfs") = 0 umount2("./979/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./979/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./979/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./979/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./979/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./979/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./979") = 0 mkdir("./980", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6008 ./strace-static-x86_64: Process 6008 attached [pid 6008] chdir("./980") = 0 [pid 6008] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6008] setpgid(0, 0) = 0 [pid 6008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6008] write(3, "1000", 4) = 4 [pid 6008] close(3) = 0 [pid 6008] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6008] memfd_create("syzkaller", 0) = 3 [pid 6008] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 125.197846][ T6007] loop0: detected capacity change from 0 to 4096 [ 125.205981][ T6007] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6008] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6008] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6008] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6008] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6008] close(3) = 0 [pid 6008] mkdir("./file0", 0777) = 0 [pid 6008] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6008] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6008] chdir("./file0") = 0 [pid 6008] ioctl(4, LOOP_CLR_FD) = 0 [pid 6008] close(4) = 0 [pid 6008] exit_group(0) = ? [pid 6008] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6008, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./980", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./980", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./980/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./980/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./980/binderfs") = 0 umount2("./980/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./980/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./980/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./980/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./980/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./980/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./980") = 0 mkdir("./981", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6009 ./strace-static-x86_64: Process 6009 attached [pid 6009] chdir("./981") = 0 [pid 6009] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6009] setpgid(0, 0) = 0 [pid 6009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6009] write(3, "1000", 4) = 4 [pid 6009] close(3) = 0 [pid 6009] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6009] memfd_create("syzkaller", 0) = 3 [ 125.280558][ T6008] loop0: detected capacity change from 0 to 4096 [ 125.289066][ T6008] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6009] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6009] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6009] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6009] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6009] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6009] close(3) = 0 [pid 6009] mkdir("./file0", 0777) = 0 [pid 6009] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6009] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6009] chdir("./file0") = 0 [pid 6009] ioctl(4, LOOP_CLR_FD) = 0 [pid 6009] close(4) = 0 [pid 6009] exit_group(0) = ? [pid 6009] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6009, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./981", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./981", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./981/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./981/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./981/binderfs") = 0 umount2("./981/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./981/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./981/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./981/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./981/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./981/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./981") = 0 mkdir("./982", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6010 ./strace-static-x86_64: Process 6010 attached [pid 6010] chdir("./982") = 0 [ 125.363486][ T6009] loop0: detected capacity change from 0 to 4096 [ 125.372116][ T6009] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6010] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6010] setpgid(0, 0) = 0 [pid 6010] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6010] write(3, "1000", 4) = 4 [pid 6010] close(3) = 0 [pid 6010] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6010] memfd_create("syzkaller", 0) = 3 [pid 6010] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6010] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6010] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6010] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6010] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6010] close(3) = 0 [pid 6010] mkdir("./file0", 0777) = 0 [pid 6010] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6010] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6010] chdir("./file0") = 0 [pid 6010] ioctl(4, LOOP_CLR_FD) = 0 [pid 6010] close(4) = 0 [pid 6010] exit_group(0) = ? [pid 6010] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6010, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./982", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./982", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./982/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./982/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./982/binderfs") = 0 umount2("./982/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./982/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./982/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./982/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./982/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./982/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./982") = 0 mkdir("./983", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6011 ./strace-static-x86_64: Process 6011 attached [pid 6011] chdir("./983") = 0 [ 125.449957][ T6010] loop0: detected capacity change from 0 to 4096 [ 125.458242][ T6010] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6011] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6011] setpgid(0, 0) = 0 [pid 6011] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6011] write(3, "1000", 4) = 4 [pid 6011] close(3) = 0 [pid 6011] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6011] memfd_create("syzkaller", 0) = 3 [pid 6011] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6011] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6011] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6011] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6011] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6011] close(3) = 0 [pid 6011] mkdir("./file0", 0777) = 0 [pid 6011] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6011] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6011] chdir("./file0") = 0 [pid 6011] ioctl(4, LOOP_CLR_FD) = 0 [pid 6011] close(4) = 0 [pid 6011] exit_group(0) = ? [pid 6011] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6011, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./983", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./983", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./983/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./983/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./983/binderfs") = 0 umount2("./983/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./983/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./983/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./983/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./983/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./983/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./983") = 0 mkdir("./984", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6012 ./strace-static-x86_64: Process 6012 attached [pid 6012] chdir("./984") = 0 [pid 6012] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6012] setpgid(0, 0) = 0 [pid 6012] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6012] write(3, "1000", 4) = 4 [pid 6012] close(3) = 0 [pid 6012] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6012] memfd_create("syzkaller", 0) = 3 [ 125.536355][ T6011] loop0: detected capacity change from 0 to 4096 [ 125.544404][ T6011] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6012] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6012] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6012] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6012] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6012] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6012] close(3) = 0 [pid 6012] mkdir("./file0", 0777) = 0 [pid 6012] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6012] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6012] chdir("./file0") = 0 [pid 6012] ioctl(4, LOOP_CLR_FD) = 0 [pid 6012] close(4) = 0 [pid 6012] exit_group(0) = ? [pid 6012] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6012, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./984", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./984", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./984/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./984/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./984/binderfs") = 0 umount2("./984/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./984/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./984/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./984/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./984/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./984/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./984") = 0 mkdir("./985", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6013 ./strace-static-x86_64: Process 6013 attached [pid 6013] chdir("./985") = 0 [pid 6013] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 125.614993][ T6012] loop0: detected capacity change from 0 to 4096 [ 125.623389][ T6012] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6013] setpgid(0, 0) = 0 [pid 6013] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6013] write(3, "1000", 4) = 4 [pid 6013] close(3) = 0 [pid 6013] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6013] memfd_create("syzkaller", 0) = 3 [pid 6013] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6013] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6013] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6013] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6013] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6013] close(3) = 0 [pid 6013] mkdir("./file0", 0777) = 0 [pid 6013] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6013] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6013] chdir("./file0") = 0 [pid 6013] ioctl(4, LOOP_CLR_FD) = 0 [pid 6013] close(4) = 0 [pid 6013] exit_group(0) = ? [pid 6013] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6013, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./985", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./985", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./985/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./985/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./985/binderfs") = 0 umount2("./985/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./985/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./985/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./985/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./985/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./985/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./985") = 0 mkdir("./986", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 125.700355][ T6013] loop0: detected capacity change from 0 to 4096 [ 125.709316][ T6013] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6014 ./strace-static-x86_64: Process 6014 attached [pid 6014] chdir("./986") = 0 [pid 6014] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6014] setpgid(0, 0) = 0 [pid 6014] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6014] write(3, "1000", 4) = 4 [pid 6014] close(3) = 0 [pid 6014] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6014] memfd_create("syzkaller", 0) = 3 [pid 6014] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6014] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6014] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6014] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6014] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6014] close(3) = 0 [pid 6014] mkdir("./file0", 0777) = 0 [pid 6014] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6014] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6014] chdir("./file0") = 0 [pid 6014] ioctl(4, LOOP_CLR_FD) = 0 [pid 6014] close(4) = 0 [pid 6014] exit_group(0) = ? [pid 6014] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6014, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./986", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./986", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./986/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./986/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./986/binderfs") = 0 umount2("./986/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./986/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./986/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./986/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./986/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./986/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./986") = 0 mkdir("./987", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6015 ./strace-static-x86_64: Process 6015 attached [pid 6015] chdir("./987") = 0 [pid 6015] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6015] setpgid(0, 0) = 0 [pid 6015] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6015] write(3, "1000", 4) = 4 [pid 6015] close(3) = 0 [pid 6015] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6015] memfd_create("syzkaller", 0) = 3 [pid 6015] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 125.787882][ T6014] loop0: detected capacity change from 0 to 4096 [ 125.796180][ T6014] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6015] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6015] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6015] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6015] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6015] close(3) = 0 [pid 6015] mkdir("./file0", 0777) = 0 [pid 6015] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6015] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6015] chdir("./file0") = 0 [pid 6015] ioctl(4, LOOP_CLR_FD) = 0 [pid 6015] close(4) = 0 [pid 6015] exit_group(0) = ? [pid 6015] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6015, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./987", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./987", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./987/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./987/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./987/binderfs") = 0 umount2("./987/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./987/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./987/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./987/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./987/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./987/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./987") = 0 mkdir("./988", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 125.870014][ T6015] loop0: detected capacity change from 0 to 4096 [ 125.878810][ T6015] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6016 attached , child_tidptr=0x5555568435d0) = 6016 [pid 6016] chdir("./988") = 0 [pid 6016] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6016] setpgid(0, 0) = 0 [pid 6016] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6016] write(3, "1000", 4) = 4 [pid 6016] close(3) = 0 [pid 6016] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6016] memfd_create("syzkaller", 0) = 3 [pid 6016] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6016] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6016] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6016] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6016] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6016] close(3) = 0 [pid 6016] mkdir("./file0", 0777) = 0 [pid 6016] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6016] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6016] chdir("./file0") = 0 [pid 6016] ioctl(4, LOOP_CLR_FD) = 0 [pid 6016] close(4) = 0 [pid 6016] exit_group(0) = ? [pid 6016] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6016, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./988", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./988", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./988/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./988/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./988/binderfs") = 0 umount2("./988/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./988/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./988/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./988/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./988/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./988/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./988") = 0 mkdir("./989", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 125.955675][ T6016] loop0: detected capacity change from 0 to 4096 [ 125.964105][ T6016] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6017 ./strace-static-x86_64: Process 6017 attached [pid 6017] chdir("./989") = 0 [pid 6017] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6017] setpgid(0, 0) = 0 [pid 6017] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6017] write(3, "1000", 4) = 4 [pid 6017] close(3) = 0 [pid 6017] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6017] memfd_create("syzkaller", 0) = 3 [pid 6017] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6017] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6017] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6017] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6017] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6017] close(3) = 0 [pid 6017] mkdir("./file0", 0777) = 0 [pid 6017] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6017] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6017] chdir("./file0") = 0 [pid 6017] ioctl(4, LOOP_CLR_FD) = 0 [pid 6017] close(4) = 0 [pid 6017] exit_group(0) = ? [pid 6017] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6017, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./989", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./989", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./989/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./989/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./989/binderfs") = 0 umount2("./989/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./989/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./989/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./989/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./989/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./989/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./989") = 0 mkdir("./990", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6018 attached , child_tidptr=0x5555568435d0) = 6018 [pid 6018] chdir("./990") = 0 [pid 6018] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6018] setpgid(0, 0) = 0 [pid 6018] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6018] write(3, "1000", 4) = 4 [pid 6018] close(3) = 0 [pid 6018] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6018] memfd_create("syzkaller", 0) = 3 [pid 6018] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 126.043949][ T6017] loop0: detected capacity change from 0 to 4096 [ 126.051773][ T6017] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6018] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6018] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6018] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6018] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6018] close(3) = 0 [pid 6018] mkdir("./file0", 0777) = 0 [pid 6018] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6018] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6018] chdir("./file0") = 0 [pid 6018] ioctl(4, LOOP_CLR_FD) = 0 [pid 6018] close(4) = 0 [pid 6018] exit_group(0) = ? [pid 6018] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6018, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./990", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./990", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./990/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./990/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./990/binderfs") = 0 umount2("./990/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./990/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./990/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./990/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./990/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./990/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./990") = 0 mkdir("./991", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6019 attached , child_tidptr=0x5555568435d0) = 6019 [pid 6019] chdir("./991") = 0 [pid 6019] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6019] setpgid(0, 0) = 0 [pid 6019] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6019] write(3, "1000", 4) = 4 [pid 6019] close(3) = 0 [pid 6019] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6019] memfd_create("syzkaller", 0) = 3 [pid 6019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 126.121961][ T6018] loop0: detected capacity change from 0 to 4096 [ 126.130736][ T6018] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6019] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6019] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6019] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6019] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6019] close(3) = 0 [pid 6019] mkdir("./file0", 0777) = 0 [pid 6019] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6019] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6019] chdir("./file0") = 0 [pid 6019] ioctl(4, LOOP_CLR_FD) = 0 [pid 6019] close(4) = 0 [pid 6019] exit_group(0) = ? [pid 6019] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6019, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./991", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./991", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./991/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./991/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./991/binderfs") = 0 umount2("./991/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./991/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./991/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./991/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./991/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./991/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./991") = 0 mkdir("./992", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6020 ./strace-static-x86_64: Process 6020 attached [pid 6020] chdir("./992") = 0 [pid 6020] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6020] setpgid(0, 0) = 0 [pid 6020] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6020] write(3, "1000", 4) = 4 [pid 6020] close(3) = 0 [pid 6020] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6020] memfd_create("syzkaller", 0) = 3 [pid 6020] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 126.201623][ T6019] loop0: detected capacity change from 0 to 4096 [ 126.210324][ T6019] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6020] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6020] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6020] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6020] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6020] close(3) = 0 [pid 6020] mkdir("./file0", 0777) = 0 [pid 6020] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6020] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6020] chdir("./file0") = 0 [pid 6020] ioctl(4, LOOP_CLR_FD) = 0 [pid 6020] close(4) = 0 [pid 6020] exit_group(0) = ? [pid 6020] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6020, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./992", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./992", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./992/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./992/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./992/binderfs") = 0 umount2("./992/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./992/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./992/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./992/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./992/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./992/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./992") = 0 mkdir("./993", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6021 ./strace-static-x86_64: Process 6021 attached [pid 6021] chdir("./993") = 0 [pid 6021] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6021] setpgid(0, 0) = 0 [pid 6021] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6021] write(3, "1000", 4) = 4 [pid 6021] close(3) = 0 [pid 6021] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6021] memfd_create("syzkaller", 0) = 3 [pid 6021] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 126.283527][ T6020] loop0: detected capacity change from 0 to 4096 [ 126.291975][ T6020] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6021] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6021] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6021] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6021] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6021] close(3) = 0 [pid 6021] mkdir("./file0", 0777) = 0 [pid 6021] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6021] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6021] chdir("./file0") = 0 [pid 6021] ioctl(4, LOOP_CLR_FD) = 0 [pid 6021] close(4) = 0 [pid 6021] exit_group(0) = ? [pid 6021] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6021, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./993", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./993", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./993/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./993/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./993/binderfs") = 0 umount2("./993/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./993/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./993/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./993/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./993/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./993/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./993") = 0 mkdir("./994", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6022 ./strace-static-x86_64: Process 6022 attached [pid 6022] chdir("./994") = 0 [pid 6022] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6022] setpgid(0, 0) = 0 [pid 6022] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6022] write(3, "1000", 4) = 4 [pid 6022] close(3) = 0 [pid 6022] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6022] memfd_create("syzkaller", 0) = 3 [pid 6022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 126.359624][ T6021] loop0: detected capacity change from 0 to 4096 [ 126.368929][ T6021] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6022] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6022] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6022] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6022] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6022] close(3) = 0 [pid 6022] mkdir("./file0", 0777) = 0 [pid 6022] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6022] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6022] chdir("./file0") = 0 [pid 6022] ioctl(4, LOOP_CLR_FD) = 0 [pid 6022] close(4) = 0 [pid 6022] exit_group(0) = ? [pid 6022] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6022, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=0} --- umount2("./994", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./994", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./994/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./994/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./994/binderfs") = 0 [ 126.449679][ T6022] loop0: detected capacity change from 0 to 4096 [ 126.458046][ T6022] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). umount2("./994/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./994/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./994/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./994/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./994/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./994/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./994") = 0 mkdir("./995", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6023 ./strace-static-x86_64: Process 6023 attached [pid 6023] chdir("./995") = 0 [pid 6023] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6023] setpgid(0, 0) = 0 [pid 6023] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6023] write(3, "1000", 4) = 4 [pid 6023] close(3) = 0 [pid 6023] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6023] memfd_create("syzkaller", 0) = 3 [pid 6023] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6023] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6023] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6023] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6023] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6023] close(3) = 0 [pid 6023] mkdir("./file0", 0777) = 0 [pid 6023] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6023] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6023] chdir("./file0") = 0 [pid 6023] ioctl(4, LOOP_CLR_FD) = 0 [pid 6023] close(4) = 0 [pid 6023] exit_group(0) = ? [pid 6023] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6023, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./995", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./995", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./995/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./995/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./995/binderfs") = 0 umount2("./995/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./995/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./995/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./995/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./995/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./995/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./995") = 0 mkdir("./996", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 126.550916][ T6023] loop0: detected capacity change from 0 to 4096 [ 126.559747][ T6023] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6024 attached , child_tidptr=0x5555568435d0) = 6024 [pid 6024] chdir("./996") = 0 [pid 6024] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6024] setpgid(0, 0) = 0 [pid 6024] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6024] write(3, "1000", 4) = 4 [pid 6024] close(3) = 0 [pid 6024] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6024] memfd_create("syzkaller", 0) = 3 [pid 6024] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6024] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6024] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6024] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6024] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6024] close(3) = 0 [pid 6024] mkdir("./file0", 0777) = 0 [pid 6024] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6024] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6024] chdir("./file0") = 0 [pid 6024] ioctl(4, LOOP_CLR_FD) = 0 [pid 6024] close(4) = 0 [pid 6024] exit_group(0) = ? [pid 6024] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6024, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./996", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./996", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./996/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./996/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./996/binderfs") = 0 umount2("./996/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./996/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./996/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./996/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./996/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./996/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./996") = 0 mkdir("./997", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6025 ./strace-static-x86_64: Process 6025 attached [pid 6025] chdir("./997") = 0 [pid 6025] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6025] setpgid(0, 0) = 0 [pid 6025] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6025] write(3, "1000", 4) = 4 [pid 6025] close(3) = 0 [pid 6025] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6025] memfd_create("syzkaller", 0) = 3 [pid 6025] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 126.636683][ T6024] loop0: detected capacity change from 0 to 4096 [ 126.644759][ T6024] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6025] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6025] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6025] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6025] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6025] close(3) = 0 [pid 6025] mkdir("./file0", 0777) = 0 [pid 6025] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6025] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6025] chdir("./file0") = 0 [pid 6025] ioctl(4, LOOP_CLR_FD) = 0 [pid 6025] close(4) = 0 [pid 6025] exit_group(0) = ? [pid 6025] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6025, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./997", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./997", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./997/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./997/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./997/binderfs") = 0 umount2("./997/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./997/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./997/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./997/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./997/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./997/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./997") = 0 mkdir("./998", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6026 ./strace-static-x86_64: Process 6026 attached [pid 6026] chdir("./998") = 0 [pid 6026] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 126.708274][ T6025] loop0: detected capacity change from 0 to 4096 [ 126.716623][ T6025] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6026] setpgid(0, 0) = 0 [pid 6026] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6026] write(3, "1000", 4) = 4 [pid 6026] close(3) = 0 [pid 6026] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6026] memfd_create("syzkaller", 0) = 3 [pid 6026] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6026] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6026] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6026] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6026] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6026] close(3) = 0 [pid 6026] mkdir("./file0", 0777) = 0 [pid 6026] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6026] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6026] chdir("./file0") = 0 [pid 6026] ioctl(4, LOOP_CLR_FD) = 0 [pid 6026] close(4) = 0 [pid 6026] exit_group(0) = ? [pid 6026] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6026, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./998", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./998", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./998/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./998/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./998/binderfs") = 0 umount2("./998/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./998/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./998/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./998/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./998/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./998/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./998") = 0 mkdir("./999", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6027 ./strace-static-x86_64: Process 6027 attached [pid 6027] chdir("./999") = 0 [pid 6027] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6027] setpgid(0, 0) = 0 [pid 6027] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6027] write(3, "1000", 4) = 4 [pid 6027] close(3) = 0 [pid 6027] symlink("/dev/binderfs", "./binderfs") = 0 [ 126.794670][ T6026] loop0: detected capacity change from 0 to 4096 [ 126.803734][ T6026] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6027] memfd_create("syzkaller", 0) = 3 [pid 6027] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6027] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6027] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6027] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6027] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6027] close(3) = 0 [pid 6027] mkdir("./file0", 0777) = 0 [pid 6027] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6027] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6027] chdir("./file0") = 0 [pid 6027] ioctl(4, LOOP_CLR_FD) = 0 [pid 6027] close(4) = 0 [pid 6027] exit_group(0) = ? [pid 6027] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6027, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./999", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./999", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./999/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./999/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./999/binderfs") = 0 umount2("./999/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./999/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./999/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./999/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./999/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./999/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./999") = 0 mkdir("./1000", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 126.875074][ T6027] loop0: detected capacity change from 0 to 4096 [ 126.883069][ T6027] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6028 ./strace-static-x86_64: Process 6028 attached [pid 6028] chdir("./1000") = 0 [pid 6028] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6028] setpgid(0, 0) = 0 [pid 6028] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6028] write(3, "1000", 4) = 4 [pid 6028] close(3) = 0 [pid 6028] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6028] memfd_create("syzkaller", 0) = 3 [pid 6028] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6028] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6028] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6028] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6028] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6028] close(3) = 0 [pid 6028] mkdir("./file0", 0777) = 0 [pid 6028] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6028] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6028] chdir("./file0") = 0 [pid 6028] ioctl(4, LOOP_CLR_FD) = 0 [pid 6028] close(4) = 0 [pid 6028] exit_group(0) = ? [pid 6028] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6028, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1000", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1000", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1000/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1000/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1000/binderfs") = 0 umount2("./1000/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1000/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1000/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1000/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1000/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1000/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1000") = 0 mkdir("./1001", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6029 ./strace-static-x86_64: Process 6029 attached [pid 6029] chdir("./1001") = 0 [pid 6029] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6029] setpgid(0, 0) = 0 [pid 6029] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6029] write(3, "1000", 4) = 4 [pid 6029] close(3) = 0 [pid 6029] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6029] memfd_create("syzkaller", 0) = 3 [pid 6029] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 126.963328][ T6028] loop0: detected capacity change from 0 to 4096 [ 126.971742][ T6028] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6029] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6029] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6029] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6029] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6029] close(3) = 0 [pid 6029] mkdir("./file0", 0777) = 0 [pid 6029] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6029] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6029] chdir("./file0") = 0 [pid 6029] ioctl(4, LOOP_CLR_FD) = 0 [pid 6029] close(4) = 0 [pid 6029] exit_group(0) = ? [pid 6029] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6029, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1001", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1001", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1001/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1001/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1001/binderfs") = 0 umount2("./1001/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1001/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1001/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1001/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1001/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1001/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1001") = 0 mkdir("./1002", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6030 ./strace-static-x86_64: Process 6030 attached [pid 6030] chdir("./1002") = 0 [pid 6030] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6030] setpgid(0, 0) = 0 [pid 6030] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6030] write(3, "1000", 4) = 4 [pid 6030] close(3) = 0 [pid 6030] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6030] memfd_create("syzkaller", 0) = 3 [pid 6030] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 127.039828][ T6029] loop0: detected capacity change from 0 to 4096 [ 127.048889][ T6029] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6030] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6030] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6030] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6030] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6030] close(3) = 0 [pid 6030] mkdir("./file0", 0777) = 0 [pid 6030] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6030] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6030] chdir("./file0") = 0 [pid 6030] ioctl(4, LOOP_CLR_FD) = 0 [pid 6030] close(4) = 0 [pid 6030] exit_group(0) = ? [pid 6030] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6030, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1002", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1002", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1002/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1002/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1002/binderfs") = 0 umount2("./1002/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1002/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1002/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1002/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1002/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1002/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1002") = 0 mkdir("./1003", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6031 ./strace-static-x86_64: Process 6031 attached [pid 6031] chdir("./1003") = 0 [pid 6031] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6031] setpgid(0, 0) = 0 [pid 6031] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6031] write(3, "1000", 4) = 4 [pid 6031] close(3) = 0 [pid 6031] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6031] memfd_create("syzkaller", 0) = 3 [pid 6031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 127.114023][ T6030] loop0: detected capacity change from 0 to 4096 [ 127.122382][ T6030] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6031] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6031] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6031] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6031] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6031] close(3) = 0 [pid 6031] mkdir("./file0", 0777) = 0 [pid 6031] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6031] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6031] chdir("./file0") = 0 [pid 6031] ioctl(4, LOOP_CLR_FD) = 0 [pid 6031] close(4) = 0 [pid 6031] exit_group(0) = ? [pid 6031] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6031, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1003", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1003", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1003/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1003/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1003/binderfs") = 0 umount2("./1003/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1003/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1003/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1003/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1003/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1003/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1003") = 0 mkdir("./1004", 0777) = 0 [ 127.191001][ T6031] loop0: detected capacity change from 0 to 4096 [ 127.198945][ T6031] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6032 ./strace-static-x86_64: Process 6032 attached [pid 6032] chdir("./1004") = 0 [pid 6032] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6032] setpgid(0, 0) = 0 [pid 6032] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6032] write(3, "1000", 4) = 4 [pid 6032] close(3) = 0 [pid 6032] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6032] memfd_create("syzkaller", 0) = 3 [pid 6032] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6032] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6032] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6032] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6032] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6032] close(3) = 0 [pid 6032] mkdir("./file0", 0777) = 0 [pid 6032] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6032] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6032] chdir("./file0") = 0 [pid 6032] ioctl(4, LOOP_CLR_FD) = 0 [pid 6032] close(4) = 0 [pid 6032] exit_group(0) = ? [pid 6032] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6032, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1004", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1004", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1004/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1004/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1004/binderfs") = 0 umount2("./1004/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1004/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1004/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1004/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1004/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1004/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1004") = 0 mkdir("./1005", 0777) = 0 [ 127.283765][ T6032] loop0: detected capacity change from 0 to 4096 [ 127.292218][ T6032] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6033 ./strace-static-x86_64: Process 6033 attached [pid 6033] chdir("./1005") = 0 [pid 6033] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6033] setpgid(0, 0) = 0 [pid 6033] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6033] write(3, "1000", 4) = 4 [pid 6033] close(3) = 0 [pid 6033] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6033] memfd_create("syzkaller", 0) = 3 [pid 6033] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6033] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6033] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6033] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6033] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6033] close(3) = 0 [pid 6033] mkdir("./file0", 0777) = 0 [pid 6033] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6033] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6033] chdir("./file0") = 0 [pid 6033] ioctl(4, LOOP_CLR_FD) = 0 [pid 6033] close(4) = 0 [pid 6033] exit_group(0) = ? [pid 6033] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6033, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1005", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1005", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1005/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1005/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1005/binderfs") = 0 umount2("./1005/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1005/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1005/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1005/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1005/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1005/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1005") = 0 mkdir("./1006", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 127.374250][ T6033] loop0: detected capacity change from 0 to 4096 [ 127.383517][ T6033] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6034 attached [pid 6034] chdir("./1006") = 0 [pid 6034] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6034] setpgid(0, 0) = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6034 [pid 6034] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6034] write(3, "1000", 4) = 4 [pid 6034] close(3) = 0 [pid 6034] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6034] memfd_create("syzkaller", 0) = 3 [pid 6034] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6034] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6034] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6034] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6034] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6034] close(3) = 0 [pid 6034] mkdir("./file0", 0777) = 0 [pid 6034] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6034] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6034] chdir("./file0") = 0 [pid 6034] ioctl(4, LOOP_CLR_FD) = 0 [pid 6034] close(4) = 0 [pid 6034] exit_group(0) = ? [pid 6034] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6034, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1006", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1006", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1006/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1006/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1006/binderfs") = 0 umount2("./1006/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1006/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1006/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1006/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1006/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1006/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1006") = 0 mkdir("./1007", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6035 ./strace-static-x86_64: Process 6035 attached [pid 6035] chdir("./1007") = 0 [pid 6035] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6035] setpgid(0, 0) = 0 [pid 6035] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6035] write(3, "1000", 4) = 4 [pid 6035] close(3) = 0 [pid 6035] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6035] memfd_create("syzkaller", 0) = 3 [pid 6035] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 127.458498][ T6034] loop0: detected capacity change from 0 to 4096 [ 127.467261][ T6034] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6035] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6035] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6035] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6035] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6035] close(3) = 0 [pid 6035] mkdir("./file0", 0777) = 0 [pid 6035] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6035] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6035] chdir("./file0") = 0 [pid 6035] ioctl(4, LOOP_CLR_FD) = 0 [pid 6035] close(4) = 0 [pid 6035] exit_group(0) = ? [pid 6035] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6035, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1007", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1007", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1007/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1007/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1007/binderfs") = 0 umount2("./1007/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1007/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1007/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1007/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1007/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1007/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1007") = 0 mkdir("./1008", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6036 ./strace-static-x86_64: Process 6036 attached [pid 6036] chdir("./1008") = 0 [pid 6036] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6036] setpgid(0, 0) = 0 [pid 6036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6036] write(3, "1000", 4) = 4 [pid 6036] close(3) = 0 [pid 6036] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6036] memfd_create("syzkaller", 0) = 3 [pid 6036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 127.536642][ T6035] loop0: detected capacity change from 0 to 4096 [ 127.545054][ T6035] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6036] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6036] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6036] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6036] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6036] close(3) = 0 [pid 6036] mkdir("./file0", 0777) = 0 [pid 6036] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6036] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6036] chdir("./file0") = 0 [pid 6036] ioctl(4, LOOP_CLR_FD) = 0 [pid 6036] close(4) = 0 [pid 6036] exit_group(0) = ? [pid 6036] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6036, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1008", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1008", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1008/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1008/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1008/binderfs") = 0 umount2("./1008/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1008/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1008/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1008/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1008/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1008/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1008") = 0 mkdir("./1009", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6037 attached , child_tidptr=0x5555568435d0) = 6037 [pid 6037] chdir("./1009") = 0 [pid 6037] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6037] setpgid(0, 0) = 0 [pid 6037] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6037] write(3, "1000", 4) = 4 [pid 6037] close(3) = 0 [pid 6037] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6037] memfd_create("syzkaller", 0) = 3 [pid 6037] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 127.612610][ T6036] loop0: detected capacity change from 0 to 4096 [ 127.621915][ T6036] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6037] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6037] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6037] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6037] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6037] close(3) = 0 [pid 6037] mkdir("./file0", 0777) = 0 [pid 6037] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6037] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6037] chdir("./file0") = 0 [pid 6037] ioctl(4, LOOP_CLR_FD) = 0 [pid 6037] close(4) = 0 [pid 6037] exit_group(0) = ? [pid 6037] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6037, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1009", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1009", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1009/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1009/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1009/binderfs") = 0 umount2("./1009/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1009/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1009/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1009/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1009/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1009/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1009") = 0 mkdir("./1010", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6038 ./strace-static-x86_64: Process 6038 attached [pid 6038] chdir("./1010") = 0 [pid 6038] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6038] setpgid(0, 0) = 0 [pid 6038] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6038] write(3, "1000", 4) = 4 [pid 6038] close(3) = 0 [pid 6038] symlink("/dev/binderfs", "./binderfs") = 0 [ 127.693199][ T6037] loop0: detected capacity change from 0 to 4096 [ 127.702273][ T6037] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6038] memfd_create("syzkaller", 0) = 3 [pid 6038] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6038] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6038] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6038] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6038] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6038] close(3) = 0 [pid 6038] mkdir("./file0", 0777) = 0 [pid 6038] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6038] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6038] chdir("./file0") = 0 [pid 6038] ioctl(4, LOOP_CLR_FD) = 0 [pid 6038] close(4) = 0 [pid 6038] exit_group(0) = ? [pid 6038] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6038, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1010", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1010", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1010/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1010/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1010/binderfs") = 0 umount2("./1010/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1010/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1010/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1010/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1010/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1010/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1010") = 0 mkdir("./1011", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6039 ./strace-static-x86_64: Process 6039 attached [pid 6039] chdir("./1011") = 0 [pid 6039] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6039] setpgid(0, 0) = 0 [pid 6039] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6039] write(3, "1000", 4) = 4 [pid 6039] close(3) = 0 [pid 6039] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6039] memfd_create("syzkaller", 0) = 3 [pid 6039] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 127.773611][ T6038] loop0: detected capacity change from 0 to 4096 [ 127.781824][ T6038] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6039] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6039] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6039] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6039] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6039] close(3) = 0 [pid 6039] mkdir("./file0", 0777) = 0 [pid 6039] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6039] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6039] chdir("./file0") = 0 [pid 6039] ioctl(4, LOOP_CLR_FD) = 0 [pid 6039] close(4) = 0 [pid 6039] exit_group(0) = ? [pid 6039] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6039, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1011", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1011", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1011/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1011/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1011/binderfs") = 0 umount2("./1011/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1011/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1011/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1011/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1011/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1011/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1011") = 0 mkdir("./1012", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6040 ./strace-static-x86_64: Process 6040 attached [pid 6040] chdir("./1012") = 0 [pid 6040] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 127.851921][ T6039] loop0: detected capacity change from 0 to 4096 [ 127.859873][ T6039] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6040] setpgid(0, 0) = 0 [pid 6040] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6040] write(3, "1000", 4) = 4 [pid 6040] close(3) = 0 [pid 6040] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6040] memfd_create("syzkaller", 0) = 3 [pid 6040] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6040] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6040] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6040] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6040] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6040] close(3) = 0 [pid 6040] mkdir("./file0", 0777) = 0 [pid 6040] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6040] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6040] chdir("./file0") = 0 [pid 6040] ioctl(4, LOOP_CLR_FD) = 0 [pid 6040] close(4) = 0 [pid 6040] exit_group(0) = ? [pid 6040] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6040, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1012", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1012", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1012/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1012/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1012/binderfs") = 0 umount2("./1012/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1012/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1012/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1012/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1012/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1012/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1012") = 0 mkdir("./1013", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6041 ./strace-static-x86_64: Process 6041 attached [pid 6041] chdir("./1013") = 0 [pid 6041] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6041] setpgid(0, 0) = 0 [pid 6041] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6041] write(3, "1000", 4) = 4 [pid 6041] close(3) = 0 [pid 6041] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6041] memfd_create("syzkaller", 0) = 3 [pid 6041] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 127.937314][ T6040] loop0: detected capacity change from 0 to 4096 [ 127.945642][ T6040] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6041] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6041] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6041] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6041] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6041] close(3) = 0 [pid 6041] mkdir("./file0", 0777) = 0 [pid 6041] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6041] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6041] chdir("./file0") = 0 [pid 6041] ioctl(4, LOOP_CLR_FD) = 0 [pid 6041] close(4) = 0 [pid 6041] exit_group(0) = ? [pid 6041] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6041, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1013", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1013", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1013/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1013/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1013/binderfs") = 0 umount2("./1013/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1013/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1013/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1013/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1013/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1013/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1013") = 0 mkdir("./1014", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6042 ./strace-static-x86_64: Process 6042 attached [pid 6042] chdir("./1014") = 0 [pid 6042] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6042] setpgid(0, 0) = 0 [pid 6042] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6042] write(3, "1000", 4) = 4 [pid 6042] close(3) = 0 [pid 6042] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6042] memfd_create("syzkaller", 0) = 3 [pid 6042] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 128.019300][ T6041] loop0: detected capacity change from 0 to 4096 [ 128.027610][ T6041] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6042] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6042] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6042] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6042] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6042] close(3) = 0 [pid 6042] mkdir("./file0", 0777) = 0 [pid 6042] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6042] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6042] chdir("./file0") = 0 [pid 6042] ioctl(4, LOOP_CLR_FD) = 0 [pid 6042] close(4) = 0 [pid 6042] exit_group(0) = ? [pid 6042] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6042, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1014", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1014", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1014/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1014/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1014/binderfs") = 0 umount2("./1014/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1014/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1014/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1014/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1014/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1014/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1014") = 0 mkdir("./1015", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6043 ./strace-static-x86_64: Process 6043 attached [pid 6043] chdir("./1015") = 0 [pid 6043] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6043] setpgid(0, 0) = 0 [pid 6043] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6043] write(3, "1000", 4) = 4 [pid 6043] close(3) = 0 [pid 6043] symlink("/dev/binderfs", "./binderfs") = 0 [ 128.098853][ T6042] loop0: detected capacity change from 0 to 4096 [ 128.106981][ T6042] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6043] memfd_create("syzkaller", 0) = 3 [pid 6043] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6043] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6043] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6043] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6043] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6043] close(3) = 0 [pid 6043] mkdir("./file0", 0777) = 0 [pid 6043] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6043] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6043] chdir("./file0") = 0 [pid 6043] ioctl(4, LOOP_CLR_FD) = 0 [pid 6043] close(4) = 0 [pid 6043] exit_group(0) = ? [pid 6043] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6043, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1015", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1015", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1015/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1015/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1015/binderfs") = 0 umount2("./1015/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1015/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1015/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1015/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1015/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1015/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1015") = 0 mkdir("./1016", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 128.182390][ T6043] loop0: detected capacity change from 0 to 4096 [ 128.191030][ T6043] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6044 ./strace-static-x86_64: Process 6044 attached [pid 6044] chdir("./1016") = 0 [pid 6044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6044] setpgid(0, 0) = 0 [pid 6044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6044] write(3, "1000", 4) = 4 [pid 6044] close(3) = 0 [pid 6044] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6044] memfd_create("syzkaller", 0) = 3 [pid 6044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6044] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6044] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6044] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6044] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6044] close(3) = 0 [pid 6044] mkdir("./file0", 0777) = 0 [pid 6044] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6044] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6044] chdir("./file0") = 0 [pid 6044] ioctl(4, LOOP_CLR_FD) = 0 [pid 6044] close(4) = 0 [pid 6044] exit_group(0) = ? [pid 6044] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6044, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1016", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1016", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1016/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1016/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1016/binderfs") = 0 umount2("./1016/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1016/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1016/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1016/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1016/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1016/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1016") = 0 mkdir("./1017", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6045 ./strace-static-x86_64: Process 6045 attached [pid 6045] chdir("./1017") = 0 [pid 6045] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6045] setpgid(0, 0) = 0 [pid 6045] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6045] write(3, "1000", 4) = 4 [pid 6045] close(3) = 0 [pid 6045] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6045] memfd_create("syzkaller", 0) = 3 [pid 6045] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 128.269171][ T6044] loop0: detected capacity change from 0 to 4096 [ 128.277875][ T6044] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6045] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6045] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6045] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6045] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6045] close(3) = 0 [pid 6045] mkdir("./file0", 0777) = 0 [pid 6045] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6045] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6045] chdir("./file0") = 0 [pid 6045] ioctl(4, LOOP_CLR_FD) = 0 [pid 6045] close(4) = 0 [pid 6045] exit_group(0) = ? [pid 6045] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6045, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1017", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1017", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1017/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1017/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1017/binderfs") = 0 umount2("./1017/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1017/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1017/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1017/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1017/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1017/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 [ 128.348536][ T6045] loop0: detected capacity change from 0 to 4096 [ 128.356759][ T6045] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 rmdir("./1017") = 0 mkdir("./1018", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6046 ./strace-static-x86_64: Process 6046 attached [pid 6046] chdir("./1018") = 0 [pid 6046] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6046] setpgid(0, 0) = 0 [pid 6046] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6046] write(3, "1000", 4) = 4 [pid 6046] close(3) = 0 [pid 6046] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6046] memfd_create("syzkaller", 0) = 3 [pid 6046] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6046] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6046] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6046] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6046] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6046] close(3) = 0 [pid 6046] mkdir("./file0", 0777) = 0 [pid 6046] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6046] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6046] chdir("./file0") = 0 [pid 6046] ioctl(4, LOOP_CLR_FD) = 0 [pid 6046] close(4) = 0 [pid 6046] exit_group(0) = ? [pid 6046] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6046, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1018", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1018", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1018/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1018/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1018/binderfs") = 0 umount2("./1018/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1018/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1018/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1018/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1018/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1018/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1018") = 0 mkdir("./1019", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6047 ./strace-static-x86_64: Process 6047 attached [pid 6047] chdir("./1019") = 0 [pid 6047] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6047] setpgid(0, 0) = 0 [pid 6047] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6047] write(3, "1000", 4) = 4 [pid 6047] close(3) = 0 [pid 6047] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6047] memfd_create("syzkaller", 0) = 3 [pid 6047] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 128.443130][ T6046] loop0: detected capacity change from 0 to 4096 [ 128.451358][ T6046] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6047] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6047] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6047] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6047] close(3) = 0 [pid 6047] mkdir("./file0", 0777) = 0 [pid 6047] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6047] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6047] chdir("./file0") = 0 [pid 6047] ioctl(4, LOOP_CLR_FD) = 0 [pid 6047] close(4) = 0 [pid 6047] exit_group(0) = ? [pid 6047] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6047, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1019", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1019", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1019/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1019/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1019/binderfs") = 0 umount2("./1019/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1019/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1019/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1019/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1019/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1019/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1019") = 0 mkdir("./1020", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6048 ./strace-static-x86_64: Process 6048 attached [pid 6048] chdir("./1020") = 0 [pid 6048] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6048] setpgid(0, 0) = 0 [ 128.522893][ T6047] loop0: detected capacity change from 0 to 4096 [ 128.531664][ T6047] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6048] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6048] write(3, "1000", 4) = 4 [pid 6048] close(3) = 0 [pid 6048] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6048] memfd_create("syzkaller", 0) = 3 [pid 6048] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6048] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6048] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6048] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6048] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6048] close(3) = 0 [pid 6048] mkdir("./file0", 0777) = 0 [pid 6048] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6048] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6048] chdir("./file0") = 0 [pid 6048] ioctl(4, LOOP_CLR_FD) = 0 [pid 6048] close(4) = 0 [pid 6048] exit_group(0) = ? [pid 6048] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6048, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1020", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1020", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1020/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1020/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1020/binderfs") = 0 umount2("./1020/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1020/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1020/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1020/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1020/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1020/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1020") = 0 mkdir("./1021", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6049 ./strace-static-x86_64: Process 6049 attached [pid 6049] chdir("./1021") = 0 [pid 6049] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6049] setpgid(0, 0) = 0 [pid 6049] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6049] write(3, "1000", 4) = 4 [pid 6049] close(3) = 0 [pid 6049] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6049] memfd_create("syzkaller", 0) = 3 [pid 6049] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 128.606545][ T6048] loop0: detected capacity change from 0 to 4096 [ 128.614744][ T6048] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6049] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6049] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6049] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6049] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6049] close(3) = 0 [pid 6049] mkdir("./file0", 0777) = 0 [pid 6049] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6049] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6049] chdir("./file0") = 0 [pid 6049] ioctl(4, LOOP_CLR_FD) = 0 [pid 6049] close(4) = 0 [pid 6049] exit_group(0) = ? [pid 6049] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6049, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1021", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1021", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1021/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1021/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1021/binderfs") = 0 umount2("./1021/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1021/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1021/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1021/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1021/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1021/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1021") = 0 mkdir("./1022", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6050 ./strace-static-x86_64: Process 6050 attached [pid 6050] chdir("./1022") = 0 [pid 6050] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6050] setpgid(0, 0) = 0 [pid 6050] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6050] write(3, "1000", 4) = 4 [pid 6050] close(3) = 0 [pid 6050] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6050] memfd_create("syzkaller", 0) = 3 [pid 6050] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 128.688583][ T6049] loop0: detected capacity change from 0 to 4096 [ 128.697090][ T6049] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6050] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6050] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6050] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6050] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6050] close(3) = 0 [pid 6050] mkdir("./file0", 0777) = 0 [pid 6050] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6050] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6050] chdir("./file0") = 0 [pid 6050] ioctl(4, LOOP_CLR_FD) = 0 [pid 6050] close(4) = 0 [pid 6050] exit_group(0) = ? [pid 6050] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6050, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1022", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1022", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1022/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1022/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1022/binderfs") = 0 umount2("./1022/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1022/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1022/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1022/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1022/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1022/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1022") = 0 mkdir("./1023", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6051 ./strace-static-x86_64: Process 6051 attached [pid 6051] chdir("./1023") = 0 [pid 6051] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6051] setpgid(0, 0) = 0 [pid 6051] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6051] write(3, "1000", 4) = 4 [pid 6051] close(3) = 0 [pid 6051] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6051] memfd_create("syzkaller", 0) = 3 [pid 6051] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 128.767278][ T6050] loop0: detected capacity change from 0 to 4096 [ 128.775435][ T6050] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6051] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6051] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6051] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6051] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6051] close(3) = 0 [pid 6051] mkdir("./file0", 0777) = 0 [pid 6051] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6051] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6051] chdir("./file0") = 0 [pid 6051] ioctl(4, LOOP_CLR_FD) = 0 [pid 6051] close(4) = 0 [pid 6051] exit_group(0) = ? [pid 6051] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6051, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1023", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1023", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1023/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1023/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1023/binderfs") = 0 umount2("./1023/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1023/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1023/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1023/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1023/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1023/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1023") = 0 mkdir("./1024", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6052 attached , child_tidptr=0x5555568435d0) = 6052 [pid 6052] chdir("./1024") = 0 [pid 6052] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6052] setpgid(0, 0) = 0 [pid 6052] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6052] write(3, "1000", 4) = 4 [pid 6052] close(3) = 0 [pid 6052] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6052] memfd_create("syzkaller", 0) = 3 [pid 6052] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 128.840816][ T6051] loop0: detected capacity change from 0 to 4096 [ 128.849674][ T6051] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6052] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6052] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6052] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6052] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6052] close(3) = 0 [pid 6052] mkdir("./file0", 0777) = 0 [pid 6052] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6052] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6052] chdir("./file0") = 0 [pid 6052] ioctl(4, LOOP_CLR_FD) = 0 [pid 6052] close(4) = 0 [pid 6052] exit_group(0) = ? [pid 6052] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6052, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1024", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1024", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1024/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1024/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1024/binderfs") = 0 umount2("./1024/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1024/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1024/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1024/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1024/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1024/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1024") = 0 mkdir("./1025", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6053 ./strace-static-x86_64: Process 6053 attached [pid 6053] chdir("./1025") = 0 [pid 6053] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6053] setpgid(0, 0) = 0 [pid 6053] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6053] write(3, "1000", 4) = 4 [pid 6053] close(3) = 0 [pid 6053] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6053] memfd_create("syzkaller", 0) = 3 [pid 6053] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 128.920047][ T6052] loop0: detected capacity change from 0 to 4096 [ 128.928881][ T6052] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6053] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6053] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6053] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6053] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6053] close(3) = 0 [pid 6053] mkdir("./file0", 0777) = 0 [pid 6053] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6053] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6053] chdir("./file0") = 0 [pid 6053] ioctl(4, LOOP_CLR_FD) = 0 [pid 6053] close(4) = 0 [pid 6053] exit_group(0) = ? [pid 6053] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6053, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1025", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1025", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1025/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1025/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1025/binderfs") = 0 umount2("./1025/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1025/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1025/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1025/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1025/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1025/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1025") = 0 mkdir("./1026", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6054 ./strace-static-x86_64: Process 6054 attached [pid 6054] chdir("./1026") = 0 [pid 6054] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6054] setpgid(0, 0) = 0 [pid 6054] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6054] write(3, "1000", 4) = 4 [pid 6054] close(3) = 0 [pid 6054] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6054] memfd_create("syzkaller", 0) = 3 [pid 6054] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 129.003650][ T6053] loop0: detected capacity change from 0 to 4096 [ 129.012143][ T6053] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6054] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6054] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6054] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6054] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6054] close(3) = 0 [pid 6054] mkdir("./file0", 0777) = 0 [pid 6054] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6054] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6054] chdir("./file0") = 0 [pid 6054] ioctl(4, LOOP_CLR_FD) = 0 [pid 6054] close(4) = 0 [pid 6054] exit_group(0) = ? [pid 6054] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6054, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1026", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1026", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1026/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1026/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1026/binderfs") = 0 umount2("./1026/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1026/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1026/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1026/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1026/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1026/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1026") = 0 mkdir("./1027", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 129.084156][ T6054] loop0: detected capacity change from 0 to 4096 [ 129.092185][ T6054] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6055 ./strace-static-x86_64: Process 6055 attached [pid 6055] chdir("./1027") = 0 [pid 6055] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6055] setpgid(0, 0) = 0 [pid 6055] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6055] write(3, "1000", 4) = 4 [pid 6055] close(3) = 0 [pid 6055] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6055] memfd_create("syzkaller", 0) = 3 [pid 6055] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6055] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6055] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6055] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6055] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6055] close(3) = 0 [pid 6055] mkdir("./file0", 0777) = 0 [pid 6055] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6055] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6055] chdir("./file0") = 0 [pid 6055] ioctl(4, LOOP_CLR_FD) = 0 [pid 6055] close(4) = 0 [pid 6055] exit_group(0) = ? [pid 6055] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6055, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1027", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1027", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1027/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1027/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1027/binderfs") = 0 umount2("./1027/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1027/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1027/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1027/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1027/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1027/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1027") = 0 mkdir("./1028", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6056 ./strace-static-x86_64: Process 6056 attached [pid 6056] chdir("./1028") = 0 [pid 6056] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6056] setpgid(0, 0) = 0 [pid 6056] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6056] write(3, "1000", 4) = 4 [pid 6056] close(3) = 0 [pid 6056] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6056] memfd_create("syzkaller", 0) = 3 [pid 6056] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 129.175764][ T6055] loop0: detected capacity change from 0 to 4096 [ 129.184358][ T6055] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6056] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6056] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6056] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6056] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6056] close(3) = 0 [pid 6056] mkdir("./file0", 0777) = 0 [pid 6056] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6056] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6056] chdir("./file0") = 0 [pid 6056] ioctl(4, LOOP_CLR_FD) = 0 [pid 6056] close(4) = 0 [pid 6056] exit_group(0) = ? [pid 6056] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6056, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1028", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1028", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1028/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1028/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1028/binderfs") = 0 umount2("./1028/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1028/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1028/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1028/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1028/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1028/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1028") = 0 mkdir("./1029", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6057 attached , child_tidptr=0x5555568435d0) = 6057 [pid 6057] chdir("./1029") = 0 [pid 6057] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6057] setpgid(0, 0) = 0 [pid 6057] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6057] write(3, "1000", 4) = 4 [pid 6057] close(3) = 0 [pid 6057] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6057] memfd_create("syzkaller", 0) = 3 [ 129.256977][ T6056] loop0: detected capacity change from 0 to 4096 [ 129.265465][ T6056] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6057] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6057] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6057] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6057] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6057] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6057] close(3) = 0 [pid 6057] mkdir("./file0", 0777) = 0 [pid 6057] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6057] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6057] chdir("./file0") = 0 [pid 6057] ioctl(4, LOOP_CLR_FD) = 0 [pid 6057] close(4) = 0 [pid 6057] exit_group(0) = ? [pid 6057] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6057, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1029", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1029", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1029/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1029/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1029/binderfs") = 0 umount2("./1029/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1029/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1029/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1029/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1029/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1029/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1029") = 0 mkdir("./1030", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6058 ./strace-static-x86_64: Process 6058 attached [pid 6058] chdir("./1030") = 0 [pid 6058] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6058] setpgid(0, 0) = 0 [pid 6058] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6058] write(3, "1000", 4) = 4 [pid 6058] close(3) = 0 [pid 6058] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6058] memfd_create("syzkaller", 0) = 3 [pid 6058] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 129.337679][ T6057] loop0: detected capacity change from 0 to 4096 [ 129.346999][ T6057] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6058] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6058] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6058] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6058] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6058] close(3) = 0 [pid 6058] mkdir("./file0", 0777) = 0 [pid 6058] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6058] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6058] chdir("./file0") = 0 [pid 6058] ioctl(4, LOOP_CLR_FD) = 0 [pid 6058] close(4) = 0 [pid 6058] exit_group(0) = ? [pid 6058] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6058, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1030", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1030", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1030/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1030/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1030/binderfs") = 0 umount2("./1030/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1030/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1030/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1030/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1030/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1030/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1030") = 0 mkdir("./1031", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 129.419540][ T6058] loop0: detected capacity change from 0 to 4096 [ 129.428145][ T6058] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6059 ./strace-static-x86_64: Process 6059 attached [pid 6059] chdir("./1031") = 0 [pid 6059] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6059] setpgid(0, 0) = 0 [pid 6059] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6059] write(3, "1000", 4) = 4 [pid 6059] close(3) = 0 [pid 6059] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6059] memfd_create("syzkaller", 0) = 3 [pid 6059] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6059] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6059] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6059] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6059] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6059] close(3) = 0 [pid 6059] mkdir("./file0", 0777) = 0 [pid 6059] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6059] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6059] chdir("./file0") = 0 [pid 6059] ioctl(4, LOOP_CLR_FD) = 0 [pid 6059] close(4) = 0 [pid 6059] exit_group(0) = ? [pid 6059] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6059, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1031", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1031", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1031/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1031/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1031/binderfs") = 0 umount2("./1031/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1031/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1031/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1031/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1031/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1031/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1031") = 0 mkdir("./1032", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 129.510688][ T6059] loop0: detected capacity change from 0 to 4096 [ 129.519221][ T6059] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6060 attached [pid 6060] chdir("./1032") = 0 [pid 6060] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6060] setpgid(0, 0) = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6060 [pid 6060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6060] write(3, "1000", 4) = 4 [pid 6060] close(3) = 0 [pid 6060] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6060] memfd_create("syzkaller", 0) = 3 [pid 6060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6060] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6060] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6060] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6060] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6060] close(3) = 0 [pid 6060] mkdir("./file0", 0777) = 0 [pid 6060] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6060] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6060] chdir("./file0") = 0 [pid 6060] ioctl(4, LOOP_CLR_FD) = 0 [pid 6060] close(4) = 0 [pid 6060] exit_group(0) = ? [pid 6060] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6060, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1032", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1032", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1032/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1032/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1032/binderfs") = 0 umount2("./1032/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1032/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1032/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1032/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1032/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1032/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1032") = 0 mkdir("./1033", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6061 ./strace-static-x86_64: Process 6061 attached [pid 6061] chdir("./1033") = 0 [pid 6061] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6061] setpgid(0, 0) = 0 [pid 6061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6061] write(3, "1000", 4) = 4 [pid 6061] close(3) = 0 [pid 6061] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6061] memfd_create("syzkaller", 0) = 3 [pid 6061] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 129.599740][ T6060] loop0: detected capacity change from 0 to 4096 [ 129.608073][ T6060] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6061] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6061] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6061] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6061] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6061] close(3) = 0 [pid 6061] mkdir("./file0", 0777) = 0 [pid 6061] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6061] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6061] chdir("./file0") = 0 [pid 6061] ioctl(4, LOOP_CLR_FD) = 0 [pid 6061] close(4) = 0 [pid 6061] exit_group(0) = ? [pid 6061] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6061, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1033", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1033", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1033/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1033/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1033/binderfs") = 0 umount2("./1033/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1033/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1033/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1033/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1033/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1033/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1033") = 0 mkdir("./1034", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6062 attached , child_tidptr=0x5555568435d0) = 6062 [pid 6062] chdir("./1034") = 0 [pid 6062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6062] setpgid(0, 0) = 0 [pid 6062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6062] write(3, "1000", 4) = 4 [pid 6062] close(3) = 0 [pid 6062] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6062] memfd_create("syzkaller", 0) = 3 [pid 6062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 129.679480][ T6061] loop0: detected capacity change from 0 to 4096 [ 129.688833][ T6061] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6062] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6062] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6062] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6062] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6062] close(3) = 0 [pid 6062] mkdir("./file0", 0777) = 0 [pid 6062] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6062] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6062] chdir("./file0") = 0 [pid 6062] ioctl(4, LOOP_CLR_FD) = 0 [pid 6062] close(4) = 0 [pid 6062] exit_group(0) = ? [pid 6062] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6062, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1034", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1034", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1034/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1034/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1034/binderfs") = 0 umount2("./1034/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1034/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1034/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1034/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1034/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1034/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1034") = 0 mkdir("./1035", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6063 ./strace-static-x86_64: Process 6063 attached [ 129.758352][ T6062] loop0: detected capacity change from 0 to 4096 [ 129.767170][ T6062] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6063] chdir("./1035") = 0 [pid 6063] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6063] setpgid(0, 0) = 0 [pid 6063] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6063] write(3, "1000", 4) = 4 [pid 6063] close(3) = 0 [pid 6063] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6063] memfd_create("syzkaller", 0) = 3 [pid 6063] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6063] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6063] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6063] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6063] close(3) = 0 [pid 6063] mkdir("./file0", 0777) = 0 [pid 6063] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6063] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6063] chdir("./file0") = 0 [pid 6063] ioctl(4, LOOP_CLR_FD) = 0 [pid 6063] close(4) = 0 [pid 6063] exit_group(0) = ? [pid 6063] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6063, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1035", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1035", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1035/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1035/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1035/binderfs") = 0 umount2("./1035/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1035/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1035/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1035/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1035/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1035/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1035") = 0 [ 129.850458][ T6063] loop0: detected capacity change from 0 to 4096 [ 129.859345][ T6063] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./1036", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6064 attached [pid 6064] chdir("./1036") = 0 [pid 6064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6064] setpgid(0, 0) = 0 [pid 6064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6064 [pid 6064] <... openat resumed>) = 3 [pid 6064] write(3, "1000", 4) = 4 [pid 6064] close(3) = 0 [pid 6064] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6064] memfd_create("syzkaller", 0) = 3 [pid 6064] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6064] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6064] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6064] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6064] close(3) = 0 [pid 6064] mkdir("./file0", 0777) = 0 [pid 6064] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6064] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6064] chdir("./file0") = 0 [pid 6064] ioctl(4, LOOP_CLR_FD) = 0 [pid 6064] close(4) = 0 [pid 6064] exit_group(0) = ? [pid 6064] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6064, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1036", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1036", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1036/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1036/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1036/binderfs") = 0 umount2("./1036/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1036/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1036/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1036/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1036/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1036/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1036") = 0 mkdir("./1037", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6065 ./strace-static-x86_64: Process 6065 attached [pid 6065] chdir("./1037") = 0 [pid 6065] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6065] setpgid(0, 0) = 0 [pid 6065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 129.943704][ T6064] loop0: detected capacity change from 0 to 4096 [ 129.952238][ T6064] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6065] write(3, "1000", 4) = 4 [pid 6065] close(3) = 0 [pid 6065] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6065] memfd_create("syzkaller", 0) = 3 [pid 6065] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6065] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6065] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6065] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6065] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6065] close(3) = 0 [pid 6065] mkdir("./file0", 0777) = 0 [pid 6065] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6065] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6065] chdir("./file0") = 0 [pid 6065] ioctl(4, LOOP_CLR_FD) = 0 [pid 6065] close(4) = 0 [pid 6065] exit_group(0) = ? [pid 6065] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6065, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1037", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1037", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1037/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1037/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1037/binderfs") = 0 umount2("./1037/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1037/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1037/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1037/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1037/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1037/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1037") = 0 mkdir("./1038", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6066 ./strace-static-x86_64: Process 6066 attached [pid 6066] chdir("./1038") = 0 [pid 6066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6066] setpgid(0, 0) = 0 [pid 6066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6066] write(3, "1000", 4) = 4 [pid 6066] close(3) = 0 [pid 6066] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6066] memfd_create("syzkaller", 0) = 3 [pid 6066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 130.030426][ T6065] loop0: detected capacity change from 0 to 4096 [ 130.039100][ T6065] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6066] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6066] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6066] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6066] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6066] close(3) = 0 [pid 6066] mkdir("./file0", 0777) = 0 [pid 6066] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6066] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6066] chdir("./file0") = 0 [pid 6066] ioctl(4, LOOP_CLR_FD) = 0 [pid 6066] close(4) = 0 [pid 6066] exit_group(0) = ? [pid 6066] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6066, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1038", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1038", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1038/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1038/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1038/binderfs") = 0 umount2("./1038/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1038/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1038/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1038/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1038/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1038/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1038") = 0 mkdir("./1039", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 130.113615][ T6066] loop0: detected capacity change from 0 to 4096 [ 130.122874][ T6066] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6067 ./strace-static-x86_64: Process 6067 attached [pid 6067] chdir("./1039") = 0 [pid 6067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6067] setpgid(0, 0) = 0 [pid 6067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6067] write(3, "1000", 4) = 4 [pid 6067] close(3) = 0 [pid 6067] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6067] memfd_create("syzkaller", 0) = 3 [pid 6067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6067] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6067] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6067] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6067] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6067] close(3) = 0 [pid 6067] mkdir("./file0", 0777) = 0 [pid 6067] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6067] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6067] chdir("./file0") = 0 [pid 6067] ioctl(4, LOOP_CLR_FD) = 0 [pid 6067] close(4) = 0 [pid 6067] exit_group(0) = ? [pid 6067] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6067, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1039", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1039", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1039/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1039/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1039/binderfs") = 0 umount2("./1039/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1039/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1039/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1039/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1039/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1039/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1039") = 0 mkdir("./1040", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 130.201710][ T6067] loop0: detected capacity change from 0 to 4096 [ 130.210121][ T6067] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6068 ./strace-static-x86_64: Process 6068 attached [pid 6068] chdir("./1040") = 0 [pid 6068] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6068] setpgid(0, 0) = 0 [pid 6068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6068] write(3, "1000", 4) = 4 [pid 6068] close(3) = 0 [pid 6068] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6068] memfd_create("syzkaller", 0) = 3 [pid 6068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6068] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6068] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6068] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6068] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6068] close(3) = 0 [pid 6068] mkdir("./file0", 0777) = 0 [pid 6068] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6068] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6068] chdir("./file0") = 0 [pid 6068] ioctl(4, LOOP_CLR_FD) = 0 [pid 6068] close(4) = 0 [pid 6068] exit_group(0) = ? [pid 6068] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6068, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1040", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1040", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1040/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1040/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1040/binderfs") = 0 umount2("./1040/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1040/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1040/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1040/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1040/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1040/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1040") = 0 mkdir("./1041", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6069 ./strace-static-x86_64: Process 6069 attached [pid 6069] chdir("./1041") = 0 [pid 6069] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6069] setpgid(0, 0) = 0 [pid 6069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6069] write(3, "1000", 4) = 4 [pid 6069] close(3) = 0 [pid 6069] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6069] memfd_create("syzkaller", 0) = 3 [pid 6069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 130.292268][ T6068] loop0: detected capacity change from 0 to 4096 [ 130.300702][ T6068] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6069] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6069] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6069] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6069] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6069] close(3) = 0 [pid 6069] mkdir("./file0", 0777) = 0 [pid 6069] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6069] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6069] chdir("./file0") = 0 [pid 6069] ioctl(4, LOOP_CLR_FD) = 0 [pid 6069] close(4) = 0 [pid 6069] exit_group(0) = ? [pid 6069] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6069, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1041", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1041", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1041/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1041/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1041/binderfs") = 0 umount2("./1041/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1041/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1041/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1041/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1041/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1041/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1041") = 0 mkdir("./1042", 0777) = 0 [ 130.368163][ T6069] loop0: detected capacity change from 0 to 4096 [ 130.377036][ T6069] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6070 ./strace-static-x86_64: Process 6070 attached [pid 6070] chdir("./1042") = 0 [pid 6070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6070] setpgid(0, 0) = 0 [pid 6070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6070] write(3, "1000", 4) = 4 [pid 6070] close(3) = 0 [pid 6070] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6070] memfd_create("syzkaller", 0) = 3 [pid 6070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6070] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6070] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6070] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6070] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6070] close(3) = 0 [pid 6070] mkdir("./file0", 0777) = 0 [pid 6070] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6070] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6070] chdir("./file0") = 0 [pid 6070] ioctl(4, LOOP_CLR_FD) = 0 [pid 6070] close(4) = 0 [pid 6070] exit_group(0) = ? [pid 6070] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6070, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1042", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1042", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1042/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1042/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1042/binderfs") = 0 umount2("./1042/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1042/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1042/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1042/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1042/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1042/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1042") = 0 mkdir("./1043", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6071 ./strace-static-x86_64: Process 6071 attached [pid 6071] chdir("./1043") = 0 [pid 6071] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6071] setpgid(0, 0) = 0 [pid 6071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6071] write(3, "1000", 4) = 4 [pid 6071] close(3) = 0 [pid 6071] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6071] memfd_create("syzkaller", 0) = 3 [pid 6071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 130.459010][ T6070] loop0: detected capacity change from 0 to 4096 [ 130.467594][ T6070] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6071] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6071] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6071] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6071] close(3) = 0 [pid 6071] mkdir("./file0", 0777) = 0 [pid 6071] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6071] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6071] chdir("./file0") = 0 [pid 6071] ioctl(4, LOOP_CLR_FD) = 0 [pid 6071] close(4) = 0 [pid 6071] exit_group(0) = ? [pid 6071] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6071, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1043", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1043", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1043/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1043/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1043/binderfs") = 0 umount2("./1043/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1043/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1043/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1043/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1043/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1043/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1043") = 0 mkdir("./1044", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6072 ./strace-static-x86_64: Process 6072 attached [pid 6072] chdir("./1044") = 0 [pid 6072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6072] setpgid(0, 0) = 0 [pid 6072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6072] write(3, "1000", 4) = 4 [pid 6072] close(3) = 0 [pid 6072] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6072] memfd_create("syzkaller", 0) = 3 [pid 6072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 130.534988][ T6071] loop0: detected capacity change from 0 to 4096 [ 130.543402][ T6071] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6072] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6072] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6072] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6072] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6072] close(3) = 0 [pid 6072] mkdir("./file0", 0777) = 0 [pid 6072] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6072] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6072] chdir("./file0") = 0 [pid 6072] ioctl(4, LOOP_CLR_FD) = 0 [pid 6072] close(4) = 0 [pid 6072] exit_group(0) = ? [pid 6072] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6072, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1044", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1044", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1044/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1044/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1044/binderfs") = 0 umount2("./1044/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1044/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1044/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1044/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1044/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1044/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1044") = 0 mkdir("./1045", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6073 ./strace-static-x86_64: Process 6073 attached [pid 6073] chdir("./1045") = 0 [pid 6073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6073] setpgid(0, 0) = 0 [pid 6073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6073] write(3, "1000", 4) = 4 [pid 6073] close(3) = 0 [pid 6073] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6073] memfd_create("syzkaller", 0) = 3 [pid 6073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 130.605266][ T6072] loop0: detected capacity change from 0 to 4096 [ 130.613922][ T6072] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6073] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6073] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6073] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6073] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6073] close(3) = 0 [pid 6073] mkdir("./file0", 0777) = 0 [pid 6073] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6073] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6073] chdir("./file0") = 0 [pid 6073] ioctl(4, LOOP_CLR_FD) = 0 [pid 6073] close(4) = 0 [pid 6073] exit_group(0) = ? [pid 6073] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6073, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1045", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1045", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1045/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1045/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1045/binderfs") = 0 umount2("./1045/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1045/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1045/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1045/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1045/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1045/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1045") = 0 mkdir("./1046", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 130.683554][ T6073] loop0: detected capacity change from 0 to 4096 [ 130.692554][ T6073] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6074 ./strace-static-x86_64: Process 6074 attached [pid 6074] chdir("./1046") = 0 [pid 6074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6074] setpgid(0, 0) = 0 [pid 6074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6074] write(3, "1000", 4) = 4 [pid 6074] close(3) = 0 [pid 6074] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6074] memfd_create("syzkaller", 0) = 3 [pid 6074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6074] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6074] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6074] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6074] close(3) = 0 [pid 6074] mkdir("./file0", 0777) = 0 [pid 6074] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6074] chdir("./file0") = 0 [pid 6074] ioctl(4, LOOP_CLR_FD) = 0 [pid 6074] close(4) = 0 [pid 6074] exit_group(0) = ? [pid 6074] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6074, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1046", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1046", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1046/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1046/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1046/binderfs") = 0 umount2("./1046/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1046/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1046/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1046/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1046/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1046/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1046") = 0 mkdir("./1047", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6075 ./strace-static-x86_64: Process 6075 attached [pid 6075] chdir("./1047") = 0 [pid 6075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6075] setpgid(0, 0) = 0 [ 130.773491][ T6074] loop0: detected capacity change from 0 to 4096 [ 130.781950][ T6074] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6075] write(3, "1000", 4) = 4 [pid 6075] close(3) = 0 [pid 6075] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6075] memfd_create("syzkaller", 0) = 3 [pid 6075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6075] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6075] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6075] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6075] close(3) = 0 [pid 6075] mkdir("./file0", 0777) = 0 [pid 6075] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6075] chdir("./file0") = 0 [pid 6075] ioctl(4, LOOP_CLR_FD) = 0 [pid 6075] close(4) = 0 [pid 6075] exit_group(0) = ? [pid 6075] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6075, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1047", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1047", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1047/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1047/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1047/binderfs") = 0 umount2("./1047/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1047/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1047/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1047/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1047/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1047/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1047") = 0 mkdir("./1048", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6076 ./strace-static-x86_64: Process 6076 attached [pid 6076] chdir("./1048") = 0 [pid 6076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6076] setpgid(0, 0) = 0 [pid 6076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6076] write(3, "1000", 4) = 4 [pid 6076] close(3) = 0 [pid 6076] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6076] memfd_create("syzkaller", 0) = 3 [pid 6076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 130.862884][ T6075] loop0: detected capacity change from 0 to 4096 [ 130.871823][ T6075] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6076] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6076] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6076] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6076] close(3) = 0 [pid 6076] mkdir("./file0", 0777) = 0 [pid 6076] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6076] chdir("./file0") = 0 [pid 6076] ioctl(4, LOOP_CLR_FD) = 0 [pid 6076] close(4) = 0 [pid 6076] exit_group(0) = ? [pid 6076] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6076, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1048", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1048", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1048/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1048/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1048/binderfs") = 0 umount2("./1048/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1048/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1048/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1048/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1048/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1048/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1048") = 0 mkdir("./1049", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6077 ./strace-static-x86_64: Process 6077 attached [pid 6077] chdir("./1049") = 0 [pid 6077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6077] setpgid(0, 0) = 0 [pid 6077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6077] write(3, "1000", 4) = 4 [pid 6077] close(3) = 0 [pid 6077] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6077] memfd_create("syzkaller", 0) = 3 [pid 6077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 130.941958][ T6076] loop0: detected capacity change from 0 to 4096 [ 130.950839][ T6076] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6077] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6077] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6077] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6077] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6077] close(3) = 0 [pid 6077] mkdir("./file0", 0777) = 0 [pid 6077] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6077] chdir("./file0") = 0 [pid 6077] ioctl(4, LOOP_CLR_FD) = 0 [pid 6077] close(4) = 0 [pid 6077] exit_group(0) = ? [pid 6077] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6077, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1049", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1049", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1049/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1049/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1049/binderfs") = 0 umount2("./1049/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1049/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1049/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1049/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1049/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1049/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1049") = 0 mkdir("./1050", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6078 ./strace-static-x86_64: Process 6078 attached [pid 6078] chdir("./1050") = 0 [pid 6078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6078] setpgid(0, 0) = 0 [pid 6078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6078] write(3, "1000", 4) = 4 [pid 6078] close(3) = 0 [pid 6078] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6078] memfd_create("syzkaller", 0) = 3 [pid 6078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 131.021434][ T6077] loop0: detected capacity change from 0 to 4096 [ 131.029409][ T6077] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6078] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6078] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6078] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6078] close(3) = 0 [pid 6078] mkdir("./file0", 0777) = 0 [pid 6078] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6078] chdir("./file0") = 0 [pid 6078] ioctl(4, LOOP_CLR_FD) = 0 [pid 6078] close(4) = 0 [pid 6078] exit_group(0) = ? [pid 6078] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6078, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1050", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1050", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1050/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1050/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1050/binderfs") = 0 umount2("./1050/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1050/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1050/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1050/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1050/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1050/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1050") = 0 mkdir("./1051", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6079 ./strace-static-x86_64: Process 6079 attached [pid 6079] chdir("./1051") = 0 [pid 6079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6079] setpgid(0, 0) = 0 [pid 6079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6079] write(3, "1000", 4) = 4 [pid 6079] close(3) = 0 [pid 6079] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6079] memfd_create("syzkaller", 0) = 3 [pid 6079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 131.099318][ T6078] loop0: detected capacity change from 0 to 4096 [ 131.107979][ T6078] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6079] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6079] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6079] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6079] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6079] close(3) = 0 [pid 6079] mkdir("./file0", 0777) = 0 [pid 6079] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6079] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6079] chdir("./file0") = 0 [pid 6079] ioctl(4, LOOP_CLR_FD) = 0 [pid 6079] close(4) = 0 [pid 6079] exit_group(0) = ? [pid 6079] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6079, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1051", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1051", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1051/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1051/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1051/binderfs") = 0 umount2("./1051/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1051/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1051/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1051/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1051/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1051/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1051") = 0 mkdir("./1052", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 131.179772][ T6079] loop0: detected capacity change from 0 to 4096 [ 131.188149][ T6079] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6080 ./strace-static-x86_64: Process 6080 attached [pid 6080] chdir("./1052") = 0 [pid 6080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6080] setpgid(0, 0) = 0 [pid 6080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6080] write(3, "1000", 4) = 4 [pid 6080] close(3) = 0 [pid 6080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6080] memfd_create("syzkaller", 0) = 3 [pid 6080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6080] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6080] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6080] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6080] close(3) = 0 [pid 6080] mkdir("./file0", 0777) = 0 [pid 6080] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6080] chdir("./file0") = 0 [pid 6080] ioctl(4, LOOP_CLR_FD) = 0 [pid 6080] close(4) = 0 [pid 6080] exit_group(0) = ? [pid 6080] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6080, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1052", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1052", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1052/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1052/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1052/binderfs") = 0 umount2("./1052/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1052/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1052/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1052/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1052/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1052/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1052") = 0 mkdir("./1053", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6081 ./strace-static-x86_64: Process 6081 attached [pid 6081] chdir("./1053") = 0 [pid 6081] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6081] setpgid(0, 0) = 0 [pid 6081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6081] write(3, "1000", 4) = 4 [pid 6081] close(3) = 0 [pid 6081] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6081] memfd_create("syzkaller", 0) = 3 [pid 6081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 131.267662][ T6080] loop0: detected capacity change from 0 to 4096 [ 131.275844][ T6080] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6081] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6081] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6081] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6081] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6081] close(3) = 0 [pid 6081] mkdir("./file0", 0777) = 0 [pid 6081] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6081] chdir("./file0") = 0 [pid 6081] ioctl(4, LOOP_CLR_FD) = 0 [pid 6081] close(4) = 0 [pid 6081] exit_group(0) = ? [pid 6081] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6081, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1053", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1053", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1053/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1053/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1053/binderfs") = 0 umount2("./1053/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1053/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1053/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1053/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1053/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1053/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1053") = 0 mkdir("./1054", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 131.341112][ T6081] loop0: detected capacity change from 0 to 4096 [ 131.350003][ T6081] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6082 attached , child_tidptr=0x5555568435d0) = 6082 [pid 6082] chdir("./1054") = 0 [pid 6082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6082] setpgid(0, 0) = 0 [pid 6082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6082] write(3, "1000", 4) = 4 [pid 6082] close(3) = 0 [pid 6082] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6082] memfd_create("syzkaller", 0) = 3 [pid 6082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6082] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6082] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6082] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6082] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6082] close(3) = 0 [pid 6082] mkdir("./file0", 0777) = 0 [pid 6082] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6082] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6082] chdir("./file0") = 0 [pid 6082] ioctl(4, LOOP_CLR_FD) = 0 [pid 6082] close(4) = 0 [pid 6082] exit_group(0) = ? [pid 6082] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6082, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1054", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1054", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1054/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1054/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1054/binderfs") = 0 umount2("./1054/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1054/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1054/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1054/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1054/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1054/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1054") = 0 mkdir("./1055", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6083 ./strace-static-x86_64: Process 6083 attached [pid 6083] chdir("./1055") = 0 [pid 6083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6083] setpgid(0, 0) = 0 [pid 6083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6083] write(3, "1000", 4) = 4 [pid 6083] close(3) = 0 [pid 6083] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6083] memfd_create("syzkaller", 0) = 3 [pid 6083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 131.449856][ T6082] loop0: detected capacity change from 0 to 4096 [ 131.458250][ T6082] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6083] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6083] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6083] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6083] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6083] close(3) = 0 [pid 6083] mkdir("./file0", 0777) = 0 [pid 6083] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6083] chdir("./file0") = 0 [pid 6083] ioctl(4, LOOP_CLR_FD) = 0 [pid 6083] close(4) = 0 [pid 6083] exit_group(0) = ? [pid 6083] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6083, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1055", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1055", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1055/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1055/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1055/binderfs") = 0 umount2("./1055/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1055/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1055/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1055/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1055/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1055/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1055") = 0 mkdir("./1056", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6084 ./strace-static-x86_64: Process 6084 attached [pid 6084] chdir("./1056") = 0 [pid 6084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6084] setpgid(0, 0) = 0 [pid 6084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6084] write(3, "1000", 4) = 4 [pid 6084] close(3) = 0 [pid 6084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6084] memfd_create("syzkaller", 0) = 3 [pid 6084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 131.529115][ T6083] loop0: detected capacity change from 0 to 4096 [ 131.537247][ T6083] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6084] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6084] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6084] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6084] close(3) = 0 [pid 6084] mkdir("./file0", 0777) = 0 [pid 6084] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6084] chdir("./file0") = 0 [pid 6084] ioctl(4, LOOP_CLR_FD) = 0 [pid 6084] close(4) = 0 [pid 6084] exit_group(0) = ? [pid 6084] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6084, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1056", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1056", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1056/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1056/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1056/binderfs") = 0 umount2("./1056/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1056/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1056/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1056/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1056/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1056/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1056") = 0 [ 131.610396][ T6084] loop0: detected capacity change from 0 to 4096 [ 131.619186][ T6084] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./1057", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6085 ./strace-static-x86_64: Process 6085 attached [pid 6085] chdir("./1057") = 0 [pid 6085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6085] setpgid(0, 0) = 0 [pid 6085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6085] write(3, "1000", 4) = 4 [pid 6085] close(3) = 0 [pid 6085] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6085] memfd_create("syzkaller", 0) = 3 [pid 6085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6085] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6085] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6085] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6085] close(3) = 0 [pid 6085] mkdir("./file0", 0777) = 0 [pid 6085] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6085] chdir("./file0") = 0 [pid 6085] ioctl(4, LOOP_CLR_FD) = 0 [pid 6085] close(4) = 0 [pid 6085] exit_group(0) = ? [pid 6085] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6085, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1057", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1057", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1057/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1057/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1057/binderfs") = 0 umount2("./1057/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1057/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1057/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1057/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1057/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1057/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1057") = 0 mkdir("./1058", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6086 ./strace-static-x86_64: Process 6086 attached [pid 6086] chdir("./1058") = 0 [pid 6086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6086] setpgid(0, 0) = 0 [pid 6086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6086] write(3, "1000", 4) = 4 [pid 6086] close(3) = 0 [pid 6086] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6086] memfd_create("syzkaller", 0) = 3 [pid 6086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 131.703606][ T6085] loop0: detected capacity change from 0 to 4096 [ 131.712529][ T6085] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6086] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6086] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6086] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6086] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6086] close(3) = 0 [pid 6086] mkdir("./file0", 0777) = 0 [pid 6086] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6086] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6086] chdir("./file0") = 0 [pid 6086] ioctl(4, LOOP_CLR_FD) = 0 [pid 6086] close(4) = 0 [pid 6086] exit_group(0) = ? [pid 6086] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6086, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1058", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1058", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1058/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1058/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1058/binderfs") = 0 umount2("./1058/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1058/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1058/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1058/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1058/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1058/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1058") = 0 mkdir("./1059", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 131.786267][ T6086] loop0: detected capacity change from 0 to 4096 [ 131.794150][ T6086] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6087 ./strace-static-x86_64: Process 6087 attached [pid 6087] chdir("./1059") = 0 [pid 6087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6087] setpgid(0, 0) = 0 [pid 6087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6087] write(3, "1000", 4) = 4 [pid 6087] close(3) = 0 [pid 6087] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6087] memfd_create("syzkaller", 0) = 3 [pid 6087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6087] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6087] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6087] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6087] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6087] close(3) = 0 [pid 6087] mkdir("./file0", 0777) = 0 [pid 6087] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6087] chdir("./file0") = 0 [pid 6087] ioctl(4, LOOP_CLR_FD) = 0 [pid 6087] close(4) = 0 [pid 6087] exit_group(0) = ? [pid 6087] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6087, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1059", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1059", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1059/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1059/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1059/binderfs") = 0 umount2("./1059/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1059/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1059/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1059/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1059/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1059/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1059") = 0 mkdir("./1060", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6088 ./strace-static-x86_64: Process 6088 attached [pid 6088] chdir("./1060") = 0 [pid 6088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6088] setpgid(0, 0) = 0 [pid 6088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6088] write(3, "1000", 4) = 4 [pid 6088] close(3) = 0 [pid 6088] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6088] memfd_create("syzkaller", 0) = 3 [pid 6088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 131.875497][ T6087] loop0: detected capacity change from 0 to 4096 [ 131.884137][ T6087] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6088] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6088] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6088] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6088] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6088] close(3) = 0 [pid 6088] mkdir("./file0", 0777) = 0 [pid 6088] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6088] chdir("./file0") = 0 [pid 6088] ioctl(4, LOOP_CLR_FD) = 0 [pid 6088] close(4) = 0 [pid 6088] exit_group(0) = ? [pid 6088] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6088, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1060", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1060", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1060/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1060/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1060/binderfs") = 0 umount2("./1060/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1060/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1060/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1060/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1060/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1060/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1060") = 0 mkdir("./1061", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 131.948683][ T6088] loop0: detected capacity change from 0 to 4096 [ 131.957298][ T6088] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6089 attached , child_tidptr=0x5555568435d0) = 6089 [pid 6089] chdir("./1061") = 0 [pid 6089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6089] setpgid(0, 0) = 0 [pid 6089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6089] write(3, "1000", 4) = 4 [pid 6089] close(3) = 0 [pid 6089] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6089] memfd_create("syzkaller", 0) = 3 [pid 6089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6089] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6089] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6089] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6089] close(3) = 0 [pid 6089] mkdir("./file0", 0777) = 0 [pid 6089] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6089] chdir("./file0") = 0 [pid 6089] ioctl(4, LOOP_CLR_FD) = 0 [pid 6089] close(4) = 0 [pid 6089] exit_group(0) = ? [pid 6089] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6089, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1061", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1061", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1061/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1061/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1061/binderfs") = 0 umount2("./1061/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1061/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1061/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1061/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1061/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1061/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1061") = 0 mkdir("./1062", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 132.040522][ T6089] loop0: detected capacity change from 0 to 4096 [ 132.048927][ T6089] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6090 ./strace-static-x86_64: Process 6090 attached [pid 6090] chdir("./1062") = 0 [pid 6090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6090] setpgid(0, 0) = 0 [pid 6090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6090] write(3, "1000", 4) = 4 [pid 6090] close(3) = 0 [pid 6090] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6090] memfd_create("syzkaller", 0) = 3 [pid 6090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6090] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6090] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6090] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6090] close(3) = 0 [pid 6090] mkdir("./file0", 0777) = 0 [pid 6090] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6090] chdir("./file0") = 0 [pid 6090] ioctl(4, LOOP_CLR_FD) = 0 [pid 6090] close(4) = 0 [pid 6090] exit_group(0) = ? [pid 6090] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6090, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1062", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1062", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1062/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1062/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1062/binderfs") = 0 umount2("./1062/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [ 132.129905][ T6090] loop0: detected capacity change from 0 to 4096 [ 132.138557][ T6090] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). umount2("./1062/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1062/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1062/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1062/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1062/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1062") = 0 mkdir("./1063", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6091 ./strace-static-x86_64: Process 6091 attached [pid 6091] chdir("./1063") = 0 [pid 6091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6091] setpgid(0, 0) = 0 [pid 6091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6091] write(3, "1000", 4) = 4 [pid 6091] close(3) = 0 [pid 6091] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6091] memfd_create("syzkaller", 0) = 3 [pid 6091] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6091] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6091] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6091] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6091] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6091] close(3) = 0 [pid 6091] mkdir("./file0", 0777) = 0 [pid 6091] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6091] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6091] chdir("./file0") = 0 [pid 6091] ioctl(4, LOOP_CLR_FD) = 0 [pid 6091] close(4) = 0 [pid 6091] exit_group(0) = ? [pid 6091] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6091, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1063", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1063", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1063/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1063/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1063/binderfs") = 0 [ 132.243170][ T6091] loop0: detected capacity change from 0 to 4096 [ 132.251889][ T6091] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). umount2("./1063/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1063/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1063/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1063/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1063/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1063/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1063") = 0 mkdir("./1064", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6092 ./strace-static-x86_64: Process 6092 attached [pid 6092] chdir("./1064") = 0 [pid 6092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6092] setpgid(0, 0) = 0 [pid 6092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6092] write(3, "1000", 4) = 4 [pid 6092] close(3) = 0 [pid 6092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6092] memfd_create("syzkaller", 0) = 3 [pid 6092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6092] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6092] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6092] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6092] close(3) = 0 [pid 6092] mkdir("./file0", 0777) = 0 [pid 6092] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6092] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6092] chdir("./file0") = 0 [pid 6092] ioctl(4, LOOP_CLR_FD) = 0 [pid 6092] close(4) = 0 [pid 6092] exit_group(0) = ? [pid 6092] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6092, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1064", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1064", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1064/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1064/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1064/binderfs") = 0 umount2("./1064/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1064/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1064/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1064/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1064/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1064/file0") = 0 [ 132.366333][ T6092] loop0: detected capacity change from 0 to 4096 [ 132.374747][ T6092] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1064") = 0 mkdir("./1065", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6093 ./strace-static-x86_64: Process 6093 attached [pid 6093] chdir("./1065") = 0 [pid 6093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6093] setpgid(0, 0) = 0 [pid 6093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6093] write(3, "1000", 4) = 4 [pid 6093] close(3) = 0 [pid 6093] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6093] memfd_create("syzkaller", 0) = 3 [pid 6093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6093] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6093] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6093] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6093] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6093] close(3) = 0 [pid 6093] mkdir("./file0", 0777) = 0 [pid 6093] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6093] chdir("./file0") = 0 [pid 6093] ioctl(4, LOOP_CLR_FD) = 0 [pid 6093] close(4) = 0 [pid 6093] exit_group(0) = ? [pid 6093] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6093, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- umount2("./1065", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1065", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1065/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1065/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1065/binderfs") = 0 umount2("./1065/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1065/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1065/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1065/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1065/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1065/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1065") = 0 [ 132.483920][ T6093] loop0: detected capacity change from 0 to 4096 [ 132.492889][ T6093] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./1066", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6094 ./strace-static-x86_64: Process 6094 attached [pid 6094] chdir("./1066") = 0 [pid 6094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6094] setpgid(0, 0) = 0 [pid 6094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6094] write(3, "1000", 4) = 4 [pid 6094] close(3) = 0 [pid 6094] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6094] memfd_create("syzkaller", 0) = 3 [pid 6094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6094] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6094] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6094] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6094] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6094] close(3) = 0 [pid 6094] mkdir("./file0", 0777) = 0 [pid 6094] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6094] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6094] chdir("./file0") = 0 [pid 6094] ioctl(4, LOOP_CLR_FD) = 0 [pid 6094] close(4) = 0 [pid 6094] exit_group(0) = ? [pid 6094] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6094, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1066", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1066", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1066/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1066/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1066/binderfs") = 0 umount2("./1066/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1066/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1066/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1066/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1066/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1066/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1066") = 0 mkdir("./1067", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 132.572355][ T6094] loop0: detected capacity change from 0 to 4096 [ 132.580796][ T6094] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6095 ./strace-static-x86_64: Process 6095 attached [pid 6095] chdir("./1067") = 0 [pid 6095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6095] setpgid(0, 0) = 0 [pid 6095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6095] write(3, "1000", 4) = 4 [pid 6095] close(3) = 0 [pid 6095] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6095] memfd_create("syzkaller", 0) = 3 [pid 6095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6095] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6095] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6095] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6095] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6095] close(3) = 0 [pid 6095] mkdir("./file0", 0777) = 0 [pid 6095] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6095] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6095] chdir("./file0") = 0 [pid 6095] ioctl(4, LOOP_CLR_FD) = 0 [pid 6095] close(4) = 0 [pid 6095] exit_group(0) = ? [pid 6095] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6095, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1067", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1067", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1067/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1067/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1067/binderfs") = 0 umount2("./1067/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1067/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1067/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1067/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1067/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1067/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1067") = 0 mkdir("./1068", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 132.661064][ T6095] loop0: detected capacity change from 0 to 4096 [ 132.669667][ T6095] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6096 ./strace-static-x86_64: Process 6096 attached [pid 6096] chdir("./1068") = 0 [pid 6096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6096] setpgid(0, 0) = 0 [pid 6096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6096] write(3, "1000", 4) = 4 [pid 6096] close(3) = 0 [pid 6096] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6096] memfd_create("syzkaller", 0) = 3 [pid 6096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6096] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6096] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6096] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6096] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6096] close(3) = 0 [pid 6096] mkdir("./file0", 0777) = 0 [pid 6096] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6096] chdir("./file0") = 0 [pid 6096] ioctl(4, LOOP_CLR_FD) = 0 [pid 6096] close(4) = 0 [pid 6096] exit_group(0) = ? [pid 6096] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6096, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1068", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1068", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1068/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1068/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1068/binderfs") = 0 umount2("./1068/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1068/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1068/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1068/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1068/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1068/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1068") = 0 mkdir("./1069", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6097 ./strace-static-x86_64: Process 6097 attached [pid 6097] chdir("./1069") = 0 [pid 6097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6097] setpgid(0, 0) = 0 [pid 6097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6097] write(3, "1000", 4) = 4 [pid 6097] close(3) = 0 [pid 6097] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6097] memfd_create("syzkaller", 0) = 3 [pid 6097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 132.752223][ T6096] loop0: detected capacity change from 0 to 4096 [ 132.761363][ T6096] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6097] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6097] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6097] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6097] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6097] close(3) = 0 [pid 6097] mkdir("./file0", 0777) = 0 [pid 6097] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6097] chdir("./file0") = 0 [pid 6097] ioctl(4, LOOP_CLR_FD) = 0 [pid 6097] close(4) = 0 [pid 6097] exit_group(0) = ? [pid 6097] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6097, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1069", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1069", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1069/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1069/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1069/binderfs") = 0 umount2("./1069/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1069/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1069/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1069/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1069/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1069/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1069") = 0 mkdir("./1070", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6098 ./strace-static-x86_64: Process 6098 attached [ 132.836043][ T6097] loop0: detected capacity change from 0 to 4096 [ 132.844834][ T6097] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6098] chdir("./1070") = 0 [pid 6098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6098] setpgid(0, 0) = 0 [pid 6098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6098] write(3, "1000", 4) = 4 [pid 6098] close(3) = 0 [pid 6098] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6098] memfd_create("syzkaller", 0) = 3 [pid 6098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6098] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6098] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6098] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6098] close(3) = 0 [pid 6098] mkdir("./file0", 0777) = 0 [pid 6098] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6098] chdir("./file0") = 0 [pid 6098] ioctl(4, LOOP_CLR_FD) = 0 [pid 6098] close(4) = 0 [pid 6098] exit_group(0) = ? [pid 6098] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6098, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1070", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1070", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1070/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1070/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1070/binderfs") = 0 umount2("./1070/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1070/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1070/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1070/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1070/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1070/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1070") = 0 mkdir("./1071", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6099 ./strace-static-x86_64: Process 6099 attached [pid 6099] chdir("./1071") = 0 [pid 6099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6099] setpgid(0, 0) = 0 [pid 6099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6099] write(3, "1000", 4) = 4 [pid 6099] close(3) = 0 [pid 6099] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6099] memfd_create("syzkaller", 0) = 3 [pid 6099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 132.923646][ T6098] loop0: detected capacity change from 0 to 4096 [ 132.932059][ T6098] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6099] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6099] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6099] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6099] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6099] close(3) = 0 [pid 6099] mkdir("./file0", 0777) = 0 [pid 6099] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6099] chdir("./file0") = 0 [pid 6099] ioctl(4, LOOP_CLR_FD) = 0 [pid 6099] close(4) = 0 [pid 6099] exit_group(0) = ? [pid 6099] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6099, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1071", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1071", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1071/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1071/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1071/binderfs") = 0 umount2("./1071/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1071/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1071/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1071/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1071/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1071/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1071") = 0 mkdir("./1072", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6100 ./strace-static-x86_64: Process 6100 attached [pid 6100] chdir("./1072") = 0 [pid 6100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6100] setpgid(0, 0) = 0 [pid 6100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6100] write(3, "1000", 4) = 4 [pid 6100] close(3) = 0 [pid 6100] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6100] memfd_create("syzkaller", 0) = 3 [pid 6100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 132.998943][ T6099] loop0: detected capacity change from 0 to 4096 [ 133.006929][ T6099] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6100] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6100] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6100] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6100] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6100] close(3) = 0 [pid 6100] mkdir("./file0", 0777) = 0 [pid 6100] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6100] chdir("./file0") = 0 [pid 6100] ioctl(4, LOOP_CLR_FD) = 0 [pid 6100] close(4) = 0 [pid 6100] exit_group(0) = ? [pid 6100] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6100, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1072", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1072", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1072/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1072/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1072/binderfs") = 0 umount2("./1072/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1072/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1072/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1072/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1072/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1072/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1072") = 0 mkdir("./1073", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6101 ./strace-static-x86_64: Process 6101 attached [pid 6101] chdir("./1073") = 0 [pid 6101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6101] setpgid(0, 0) = 0 [ 133.073088][ T6100] loop0: detected capacity change from 0 to 4096 [ 133.082503][ T6100] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6101] write(3, "1000", 4) = 4 [pid 6101] close(3) = 0 [pid 6101] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6101] memfd_create("syzkaller", 0) = 3 [pid 6101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6101] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6101] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6101] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6101] close(3) = 0 [pid 6101] mkdir("./file0", 0777) = 0 [pid 6101] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6101] chdir("./file0") = 0 [pid 6101] ioctl(4, LOOP_CLR_FD) = 0 [pid 6101] close(4) = 0 [pid 6101] exit_group(0) = ? [pid 6101] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6101, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1073", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1073", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1073/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1073/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1073/binderfs") = 0 umount2("./1073/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1073/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1073/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1073/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1073/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1073/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1073") = 0 mkdir("./1074", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6102 ./strace-static-x86_64: Process 6102 attached [pid 6102] chdir("./1074") = 0 [pid 6102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6102] setpgid(0, 0) = 0 [pid 6102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6102] write(3, "1000", 4) = 4 [pid 6102] close(3) = 0 [pid 6102] symlink("/dev/binderfs", "./binderfs") = 0 [ 133.155322][ T6101] loop0: detected capacity change from 0 to 4096 [ 133.163600][ T6101] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6102] memfd_create("syzkaller", 0) = 3 [pid 6102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6102] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6102] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6102] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6102] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6102] close(3) = 0 [pid 6102] mkdir("./file0", 0777) = 0 [pid 6102] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6102] chdir("./file0") = 0 [pid 6102] ioctl(4, LOOP_CLR_FD) = 0 [pid 6102] close(4) = 0 [pid 6102] exit_group(0) = ? [pid 6102] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6102, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1074", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1074", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1074/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1074/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1074/binderfs") = 0 umount2("./1074/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1074/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1074/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1074/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1074/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1074/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1074") = 0 mkdir("./1075", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 133.235547][ T6102] loop0: detected capacity change from 0 to 4096 [ 133.243976][ T6102] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6103 attached , child_tidptr=0x5555568435d0) = 6103 [pid 6103] chdir("./1075") = 0 [pid 6103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6103] setpgid(0, 0) = 0 [pid 6103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6103] write(3, "1000", 4) = 4 [pid 6103] close(3) = 0 [pid 6103] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6103] memfd_create("syzkaller", 0) = 3 [pid 6103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6103] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6103] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6103] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6103] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6103] close(3) = 0 [pid 6103] mkdir("./file0", 0777) = 0 [pid 6103] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6103] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6103] chdir("./file0") = 0 [pid 6103] ioctl(4, LOOP_CLR_FD) = 0 [pid 6103] close(4) = 0 [pid 6103] exit_group(0) = ? [pid 6103] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6103, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1075", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1075", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1075/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1075/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1075/binderfs") = 0 umount2("./1075/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1075/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1075/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1075/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1075/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1075/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1075") = 0 mkdir("./1076", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6104 ./strace-static-x86_64: Process 6104 attached [ 133.323950][ T6103] loop0: detected capacity change from 0 to 4096 [ 133.332548][ T6103] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6104] chdir("./1076") = 0 [pid 6104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6104] setpgid(0, 0) = 0 [pid 6104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6104] write(3, "1000", 4) = 4 [pid 6104] close(3) = 0 [pid 6104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6104] memfd_create("syzkaller", 0) = 3 [pid 6104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6104] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6104] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6104] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6104] close(3) = 0 [pid 6104] mkdir("./file0", 0777) = 0 [pid 6104] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6104] chdir("./file0") = 0 [pid 6104] ioctl(4, LOOP_CLR_FD) = 0 [pid 6104] close(4) = 0 [pid 6104] exit_group(0) = ? [pid 6104] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6104, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1076", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1076", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1076/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1076/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1076/binderfs") = 0 umount2("./1076/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1076/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1076/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1076/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1076/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1076/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1076") = 0 mkdir("./1077", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6105 ./strace-static-x86_64: Process 6105 attached [pid 6105] chdir("./1077") = 0 [pid 6105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6105] setpgid(0, 0) = 0 [pid 6105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6105] write(3, "1000", 4) = 4 [pid 6105] close(3) = 0 [pid 6105] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6105] memfd_create("syzkaller", 0) = 3 [pid 6105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 133.411305][ T6104] loop0: detected capacity change from 0 to 4096 [ 133.420079][ T6104] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6105] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6105] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6105] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6105] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6105] close(3) = 0 [pid 6105] mkdir("./file0", 0777) = 0 [pid 6105] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6105] chdir("./file0") = 0 [pid 6105] ioctl(4, LOOP_CLR_FD) = 0 [pid 6105] close(4) = 0 [pid 6105] exit_group(0) = ? [pid 6105] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6105, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1077", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1077", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1077/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1077/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1077/binderfs") = 0 umount2("./1077/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1077/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1077/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1077/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1077/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1077/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1077") = 0 mkdir("./1078", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6106 ./strace-static-x86_64: Process 6106 attached [pid 6106] chdir("./1078") = 0 [pid 6106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6106] setpgid(0, 0) = 0 [pid 6106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6106] write(3, "1000", 4) = 4 [pid 6106] close(3) = 0 [pid 6106] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6106] memfd_create("syzkaller", 0) = 3 [ 133.489688][ T6105] loop0: detected capacity change from 0 to 4096 [ 133.498421][ T6105] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6106] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6106] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6106] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6106] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6106] close(3) = 0 [pid 6106] mkdir("./file0", 0777) = 0 [pid 6106] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6106] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6106] chdir("./file0") = 0 [pid 6106] ioctl(4, LOOP_CLR_FD) = 0 [pid 6106] close(4) = 0 [pid 6106] exit_group(0) = ? [pid 6106] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6106, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1078", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1078", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1078/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1078/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1078/binderfs") = 0 umount2("./1078/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1078/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1078/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1078/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1078/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1078/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1078") = 0 mkdir("./1079", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6107 ./strace-static-x86_64: Process 6107 attached [pid 6107] chdir("./1079") = 0 [ 133.574874][ T6106] loop0: detected capacity change from 0 to 4096 [ 133.583425][ T6106] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6107] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6107] setpgid(0, 0) = 0 [pid 6107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6107] write(3, "1000", 4) = 4 [pid 6107] close(3) = 0 [pid 6107] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6107] memfd_create("syzkaller", 0) = 3 [pid 6107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6107] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6107] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6107] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6107] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6107] close(3) = 0 [pid 6107] mkdir("./file0", 0777) = 0 [pid 6107] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6107] chdir("./file0") = 0 [pid 6107] ioctl(4, LOOP_CLR_FD) = 0 [pid 6107] close(4) = 0 [pid 6107] exit_group(0) = ? [pid 6107] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6107, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1079", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1079", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1079/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1079/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1079/binderfs") = 0 umount2("./1079/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1079/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1079/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1079/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1079/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1079/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1079") = 0 mkdir("./1080", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6108 ./strace-static-x86_64: Process 6108 attached [pid 6108] chdir("./1080") = 0 [pid 6108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6108] setpgid(0, 0) = 0 [pid 6108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6108] write(3, "1000", 4) = 4 [pid 6108] close(3) = 0 [pid 6108] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6108] memfd_create("syzkaller", 0) = 3 [ 133.659127][ T6107] loop0: detected capacity change from 0 to 4096 [ 133.668005][ T6107] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6108] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6108] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6108] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6108] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6108] close(3) = 0 [pid 6108] mkdir("./file0", 0777) = 0 [pid 6108] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6108] chdir("./file0") = 0 [pid 6108] ioctl(4, LOOP_CLR_FD) = 0 [pid 6108] close(4) = 0 [pid 6108] exit_group(0) = ? [pid 6108] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6108, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1080", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1080", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1080/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1080/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1080/binderfs") = 0 umount2("./1080/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1080/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1080/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1080/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1080/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1080/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1080") = 0 mkdir("./1081", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 133.737711][ T6108] loop0: detected capacity change from 0 to 4096 [ 133.746261][ T6108] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6109 attached , child_tidptr=0x5555568435d0) = 6109 [pid 6109] chdir("./1081") = 0 [pid 6109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6109] setpgid(0, 0) = 0 [pid 6109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6109] write(3, "1000", 4) = 4 [pid 6109] close(3) = 0 [pid 6109] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6109] memfd_create("syzkaller", 0) = 3 [pid 6109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6109] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6109] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6109] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6109] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6109] close(3) = 0 [pid 6109] mkdir("./file0", 0777) = 0 [pid 6109] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6109] chdir("./file0") = 0 [pid 6109] ioctl(4, LOOP_CLR_FD) = 0 [pid 6109] close(4) = 0 [pid 6109] exit_group(0) = ? [pid 6109] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6109, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1081", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1081", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1081/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1081/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1081/binderfs") = 0 umount2("./1081/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1081/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1081/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1081/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1081/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1081/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1081") = 0 mkdir("./1082", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 133.825152][ T6109] loop0: detected capacity change from 0 to 4096 [ 133.833769][ T6109] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6110 attached , child_tidptr=0x5555568435d0) = 6110 [pid 6110] chdir("./1082") = 0 [pid 6110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6110] setpgid(0, 0) = 0 [pid 6110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6110] write(3, "1000", 4) = 4 [pid 6110] close(3) = 0 [pid 6110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6110] memfd_create("syzkaller", 0) = 3 [pid 6110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6110] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6110] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6110] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6110] close(3) = 0 [pid 6110] mkdir("./file0", 0777) = 0 [pid 6110] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6110] chdir("./file0") = 0 [pid 6110] ioctl(4, LOOP_CLR_FD) = 0 [pid 6110] close(4) = 0 [pid 6110] exit_group(0) = ? [pid 6110] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6110, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1082", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1082", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1082/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1082/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1082/binderfs") = 0 umount2("./1082/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1082/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1082/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1082/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1082/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1082/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1082") = 0 mkdir("./1083", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6111 ./strace-static-x86_64: Process 6111 attached [pid 6111] chdir("./1083") = 0 [pid 6111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6111] setpgid(0, 0) = 0 [pid 6111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6111] write(3, "1000", 4) = 4 [pid 6111] close(3) = 0 [pid 6111] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6111] memfd_create("syzkaller", 0) = 3 [pid 6111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 133.912385][ T6110] loop0: detected capacity change from 0 to 4096 [ 133.920878][ T6110] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6111] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6111] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6111] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6111] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6111] close(3) = 0 [pid 6111] mkdir("./file0", 0777) = 0 [pid 6111] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6111] chdir("./file0") = 0 [pid 6111] ioctl(4, LOOP_CLR_FD) = 0 [pid 6111] close(4) = 0 [pid 6111] exit_group(0) = ? [pid 6111] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6111, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1083", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1083", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1083/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1083/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1083/binderfs") = 0 umount2("./1083/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1083/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1083/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1083/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1083/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1083/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1083") = 0 mkdir("./1084", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6112 ./strace-static-x86_64: Process 6112 attached [pid 6112] chdir("./1084") = 0 [pid 6112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6112] setpgid(0, 0) = 0 [pid 6112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6112] write(3, "1000", 4) = 4 [pid 6112] close(3) = 0 [pid 6112] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6112] memfd_create("syzkaller", 0) = 3 [pid 6112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 133.990801][ T6111] loop0: detected capacity change from 0 to 4096 [ 133.999038][ T6111] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6112] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6112] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6112] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6112] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6112] close(3) = 0 [pid 6112] mkdir("./file0", 0777) = 0 [pid 6112] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6112] chdir("./file0") = 0 [pid 6112] ioctl(4, LOOP_CLR_FD) = 0 [pid 6112] close(4) = 0 [pid 6112] exit_group(0) = ? [pid 6112] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6112, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1084", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1084", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1084/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1084/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1084/binderfs") = 0 umount2("./1084/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1084/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1084/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1084/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1084/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1084/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1084") = 0 mkdir("./1085", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6113 ./strace-static-x86_64: Process 6113 attached [pid 6113] chdir("./1085") = 0 [pid 6113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6113] setpgid(0, 0) = 0 [pid 6113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6113] write(3, "1000", 4) = 4 [pid 6113] close(3) = 0 [pid 6113] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6113] memfd_create("syzkaller", 0) = 3 [pid 6113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 134.070768][ T6112] loop0: detected capacity change from 0 to 4096 [ 134.079405][ T6112] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6113] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6113] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6113] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6113] close(3) = 0 [pid 6113] mkdir("./file0", 0777) = 0 [pid 6113] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6113] chdir("./file0") = 0 [pid 6113] ioctl(4, LOOP_CLR_FD) = 0 [pid 6113] close(4) = 0 [pid 6113] exit_group(0) = ? [pid 6113] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6113, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1085", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1085", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1085/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1085/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1085/binderfs") = 0 umount2("./1085/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1085/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1085/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1085/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1085/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1085/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1085") = 0 mkdir("./1086", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6114 attached , child_tidptr=0x5555568435d0) = 6114 [pid 6114] chdir("./1086") = 0 [pid 6114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6114] setpgid(0, 0) = 0 [pid 6114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6114] write(3, "1000", 4) = 4 [pid 6114] close(3) = 0 [pid 6114] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6114] memfd_create("syzkaller", 0) = 3 [ 134.151902][ T6113] loop0: detected capacity change from 0 to 4096 [ 134.160595][ T6113] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6114] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6114] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6114] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6114] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6114] close(3) = 0 [pid 6114] mkdir("./file0", 0777) = 0 [pid 6114] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6114] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6114] chdir("./file0") = 0 [pid 6114] ioctl(4, LOOP_CLR_FD) = 0 [pid 6114] close(4) = 0 [pid 6114] exit_group(0) = ? [pid 6114] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6114, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1086", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1086", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1086/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1086/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1086/binderfs") = 0 umount2("./1086/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1086/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1086/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1086/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1086/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1086/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1086") = 0 mkdir("./1087", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6115 ./strace-static-x86_64: Process 6115 attached [pid 6115] chdir("./1087") = 0 [pid 6115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6115] setpgid(0, 0) = 0 [pid 6115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6115] write(3, "1000", 4) = 4 [pid 6115] close(3) = 0 [pid 6115] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6115] memfd_create("syzkaller", 0) = 3 [pid 6115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 134.232280][ T6114] loop0: detected capacity change from 0 to 4096 [ 134.241250][ T6114] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6115] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6115] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6115] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6115] close(3) = 0 [pid 6115] mkdir("./file0", 0777) = 0 [pid 6115] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6115] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6115] chdir("./file0") = 0 [pid 6115] ioctl(4, LOOP_CLR_FD) = 0 [pid 6115] close(4) = 0 [pid 6115] exit_group(0) = ? [pid 6115] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6115, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1087", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1087", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1087/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1087/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1087/binderfs") = 0 umount2("./1087/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1087/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1087/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1087/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1087/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1087/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1087") = 0 mkdir("./1088", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6116 ./strace-static-x86_64: Process 6116 attached [pid 6116] chdir("./1088") = 0 [pid 6116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6116] setpgid(0, 0) = 0 [pid 6116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6116] write(3, "1000", 4) = 4 [pid 6116] close(3) = 0 [pid 6116] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6116] memfd_create("syzkaller", 0) = 3 [pid 6116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 134.310072][ T6115] loop0: detected capacity change from 0 to 4096 [ 134.318382][ T6115] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6116] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6116] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6116] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6116] close(3) = 0 [pid 6116] mkdir("./file0", 0777) = 0 [pid 6116] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6116] chdir("./file0") = 0 [pid 6116] ioctl(4, LOOP_CLR_FD) = 0 [pid 6116] close(4) = 0 [pid 6116] exit_group(0) = ? [pid 6116] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6116, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1088", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1088", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1088/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1088/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1088/binderfs") = 0 umount2("./1088/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1088/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1088/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1088/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1088/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1088/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1088") = 0 mkdir("./1089", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 134.390117][ T6116] loop0: detected capacity change from 0 to 4096 [ 134.398293][ T6116] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6117 ./strace-static-x86_64: Process 6117 attached [pid 6117] chdir("./1089") = 0 [pid 6117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6117] setpgid(0, 0) = 0 [pid 6117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6117] write(3, "1000", 4) = 4 [pid 6117] close(3) = 0 [pid 6117] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6117] memfd_create("syzkaller", 0) = 3 [pid 6117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6117] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6117] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6117] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6117] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6117] close(3) = 0 [pid 6117] mkdir("./file0", 0777) = 0 [pid 6117] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6117] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6117] chdir("./file0") = 0 [pid 6117] ioctl(4, LOOP_CLR_FD) = 0 [pid 6117] close(4) = 0 [pid 6117] exit_group(0) = ? [pid 6117] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6117, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1089", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1089", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1089/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1089/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1089/binderfs") = 0 umount2("./1089/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1089/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1089/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1089/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1089/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1089/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1089") = 0 mkdir("./1090", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6118 attached , child_tidptr=0x5555568435d0) = 6118 [pid 6118] chdir("./1090") = 0 [pid 6118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6118] setpgid(0, 0) = 0 [pid 6118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6118] write(3, "1000", 4) = 4 [pid 6118] close(3) = 0 [pid 6118] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6118] memfd_create("syzkaller", 0) = 3 [pid 6118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 134.480797][ T6117] loop0: detected capacity change from 0 to 4096 [ 134.489602][ T6117] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6118] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6118] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6118] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6118] close(3) = 0 [pid 6118] mkdir("./file0", 0777) = 0 [pid 6118] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6118] chdir("./file0") = 0 [pid 6118] ioctl(4, LOOP_CLR_FD) = 0 [pid 6118] close(4) = 0 [pid 6118] exit_group(0) = ? [pid 6118] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6118, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1090", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1090", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1090/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1090/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1090/binderfs") = 0 umount2("./1090/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1090/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1090/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1090/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1090/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1090/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1090") = 0 mkdir("./1091", 0777) = 0 [ 134.562120][ T6118] loop0: detected capacity change from 0 to 4096 [ 134.570191][ T6118] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6119 attached , child_tidptr=0x5555568435d0) = 6119 [pid 6119] chdir("./1091") = 0 [pid 6119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6119] setpgid(0, 0) = 0 [pid 6119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6119] write(3, "1000", 4) = 4 [pid 6119] close(3) = 0 [pid 6119] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6119] memfd_create("syzkaller", 0) = 3 [pid 6119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6119] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6119] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6119] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6119] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6119] close(3) = 0 [pid 6119] mkdir("./file0", 0777) = 0 [pid 6119] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6119] chdir("./file0") = 0 [pid 6119] ioctl(4, LOOP_CLR_FD) = 0 [pid 6119] close(4) = 0 [pid 6119] exit_group(0) = ? [pid 6119] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6119, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1091", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1091", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1091/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1091/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1091/binderfs") = 0 umount2("./1091/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1091/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1091/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1091/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1091/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1091/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1091") = 0 mkdir("./1092", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6120 ./strace-static-x86_64: Process 6120 attached [pid 6120] chdir("./1092") = 0 [pid 6120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6120] setpgid(0, 0) = 0 [pid 6120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6120] write(3, "1000", 4) = 4 [pid 6120] close(3) = 0 [pid 6120] symlink("/dev/binderfs", "./binderfs") = 0 [ 134.655371][ T6119] loop0: detected capacity change from 0 to 4096 [ 134.663554][ T6119] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6120] memfd_create("syzkaller", 0) = 3 [pid 6120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6120] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6120] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6120] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6120] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6120] close(3) = 0 [pid 6120] mkdir("./file0", 0777) = 0 [pid 6120] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6120] chdir("./file0") = 0 [pid 6120] ioctl(4, LOOP_CLR_FD) = 0 [pid 6120] close(4) = 0 [pid 6120] exit_group(0) = ? [pid 6120] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6120, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1092", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1092", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1092/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1092/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1092/binderfs") = 0 umount2("./1092/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1092/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1092/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1092/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1092/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1092/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1092") = 0 mkdir("./1093", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6121 attached , child_tidptr=0x5555568435d0) = 6121 [pid 6121] chdir("./1093") = 0 [pid 6121] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6121] setpgid(0, 0) = 0 [pid 6121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6121] write(3, "1000", 4) = 4 [pid 6121] close(3) = 0 [pid 6121] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6121] memfd_create("syzkaller", 0) = 3 [pid 6121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 134.734784][ T6120] loop0: detected capacity change from 0 to 4096 [ 134.743228][ T6120] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6121] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6121] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6121] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6121] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6121] close(3) = 0 [pid 6121] mkdir("./file0", 0777) = 0 [pid 6121] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6121] chdir("./file0") = 0 [pid 6121] ioctl(4, LOOP_CLR_FD) = 0 [pid 6121] close(4) = 0 [pid 6121] exit_group(0) = ? [pid 6121] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6121, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1093", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1093", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1093/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1093/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1093/binderfs") = 0 umount2("./1093/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1093/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1093/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1093/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1093/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1093/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1093") = 0 mkdir("./1094", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6122 ./strace-static-x86_64: Process 6122 attached [pid 6122] chdir("./1094") = 0 [pid 6122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6122] setpgid(0, 0) = 0 [pid 6122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6122] write(3, "1000", 4) = 4 [pid 6122] close(3) = 0 [ 134.813167][ T6121] loop0: detected capacity change from 0 to 4096 [ 134.821889][ T6121] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6122] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6122] memfd_create("syzkaller", 0) = 3 [pid 6122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6122] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6122] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6122] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6122] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6122] close(3) = 0 [pid 6122] mkdir("./file0", 0777) = 0 [pid 6122] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6122] chdir("./file0") = 0 [pid 6122] ioctl(4, LOOP_CLR_FD) = 0 [pid 6122] close(4) = 0 [pid 6122] exit_group(0) = ? [pid 6122] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6122, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1094", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1094", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1094/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1094/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1094/binderfs") = 0 umount2("./1094/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1094/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1094/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1094/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1094/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1094/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1094") = 0 mkdir("./1095", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6123 ./strace-static-x86_64: Process 6123 attached [pid 6123] chdir("./1095") = 0 [pid 6123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6123] setpgid(0, 0) = 0 [ 134.897622][ T6122] loop0: detected capacity change from 0 to 4096 [ 134.906718][ T6122] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6123] write(3, "1000", 4) = 4 [pid 6123] close(3) = 0 [pid 6123] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6123] memfd_create("syzkaller", 0) = 3 [pid 6123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6123] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6123] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6123] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6123] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6123] close(3) = 0 [pid 6123] mkdir("./file0", 0777) = 0 [pid 6123] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6123] chdir("./file0") = 0 [pid 6123] ioctl(4, LOOP_CLR_FD) = 0 [pid 6123] close(4) = 0 [pid 6123] exit_group(0) = ? [pid 6123] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6123, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1095", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1095", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1095/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1095/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1095/binderfs") = 0 umount2("./1095/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1095/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1095/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1095/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1095/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1095/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1095") = 0 mkdir("./1096", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 134.979341][ T6123] loop0: detected capacity change from 0 to 4096 [ 134.987345][ T6123] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6124 ./strace-static-x86_64: Process 6124 attached [pid 6124] chdir("./1096") = 0 [pid 6124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6124] setpgid(0, 0) = 0 [pid 6124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6124] write(3, "1000", 4) = 4 [pid 6124] close(3) = 0 [pid 6124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6124] memfd_create("syzkaller", 0) = 3 [pid 6124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6124] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6124] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6124] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6124] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6124] close(3) = 0 [pid 6124] mkdir("./file0", 0777) = 0 [pid 6124] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6124] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6124] chdir("./file0") = 0 [pid 6124] ioctl(4, LOOP_CLR_FD) = 0 [pid 6124] close(4) = 0 [pid 6124] exit_group(0) = ? [pid 6124] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6124, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1096", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1096", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1096/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1096/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1096/binderfs") = 0 umount2("./1096/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1096/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1096/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1096/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1096/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1096/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1096") = 0 mkdir("./1097", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 135.068989][ T6124] loop0: detected capacity change from 0 to 4096 [ 135.077276][ T6124] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6125 attached [pid 6125] chdir("./1097") = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6125 [pid 6125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6125] setpgid(0, 0) = 0 [pid 6125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6125] write(3, "1000", 4) = 4 [pid 6125] close(3) = 0 [pid 6125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6125] memfd_create("syzkaller", 0) = 3 [pid 6125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6125] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6125] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6125] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6125] close(3) = 0 [pid 6125] mkdir("./file0", 0777) = 0 [pid 6125] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6125] chdir("./file0") = 0 [pid 6125] ioctl(4, LOOP_CLR_FD) = 0 [pid 6125] close(4) = 0 [pid 6125] exit_group(0) = ? [pid 6125] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6125, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1097", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1097", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1097/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1097/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1097/binderfs") = 0 umount2("./1097/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1097/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1097/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1097/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1097/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1097/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1097") = 0 mkdir("./1098", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 135.154314][ T6125] loop0: detected capacity change from 0 to 4096 [ 135.162593][ T6125] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6126 ./strace-static-x86_64: Process 6126 attached [pid 6126] chdir("./1098") = 0 [pid 6126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6126] setpgid(0, 0) = 0 [pid 6126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6126] write(3, "1000", 4) = 4 [pid 6126] close(3) = 0 [pid 6126] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6126] memfd_create("syzkaller", 0) = 3 [pid 6126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6126] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6126] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6126] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6126] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6126] close(3) = 0 [pid 6126] mkdir("./file0", 0777) = 0 [pid 6126] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6126] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6126] chdir("./file0") = 0 [pid 6126] ioctl(4, LOOP_CLR_FD) = 0 [pid 6126] close(4) = 0 [pid 6126] exit_group(0) = ? [pid 6126] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6126, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1098", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1098", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1098/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1098/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1098/binderfs") = 0 umount2("./1098/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1098/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1098/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1098/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1098/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1098/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1098") = 0 mkdir("./1099", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6127 ./strace-static-x86_64: Process 6127 attached [pid 6127] chdir("./1099") = 0 [pid 6127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6127] setpgid(0, 0) = 0 [pid 6127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6127] write(3, "1000", 4) = 4 [pid 6127] close(3) = 0 [ 135.243530][ T6126] loop0: detected capacity change from 0 to 4096 [ 135.252122][ T6126] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6127] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6127] memfd_create("syzkaller", 0) = 3 [pid 6127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6127] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6127] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6127] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6127] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6127] close(3) = 0 [pid 6127] mkdir("./file0", 0777) = 0 [pid 6127] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6127] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6127] chdir("./file0") = 0 [pid 6127] ioctl(4, LOOP_CLR_FD) = 0 [pid 6127] close(4) = 0 [pid 6127] exit_group(0) = ? [pid 6127] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6127, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1099", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1099", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1099/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1099/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1099/binderfs") = 0 umount2("./1099/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1099/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1099/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1099/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1099/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1099/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1099") = 0 mkdir("./1100", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6128 ./strace-static-x86_64: Process 6128 attached [pid 6128] chdir("./1100") = 0 [pid 6128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6128] setpgid(0, 0) = 0 [pid 6128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6128] write(3, "1000", 4) = 4 [pid 6128] close(3) = 0 [pid 6128] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6128] memfd_create("syzkaller", 0) = 3 [pid 6128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 135.324312][ T6127] loop0: detected capacity change from 0 to 4096 [ 135.333338][ T6127] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6128] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6128] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6128] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6128] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6128] close(3) = 0 [pid 6128] mkdir("./file0", 0777) = 0 [pid 6128] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6128] chdir("./file0") = 0 [pid 6128] ioctl(4, LOOP_CLR_FD) = 0 [pid 6128] close(4) = 0 [pid 6128] exit_group(0) = ? [pid 6128] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6128, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1100/binderfs") = 0 umount2("./1100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1100/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1100") = 0 mkdir("./1101", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6129 ./strace-static-x86_64: Process 6129 attached [pid 6129] chdir("./1101") = 0 [pid 6129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6129] setpgid(0, 0) = 0 [pid 6129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6129] write(3, "1000", 4) = 4 [pid 6129] close(3) = 0 [pid 6129] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6129] memfd_create("syzkaller", 0) = 3 [pid 6129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 135.402444][ T6128] loop0: detected capacity change from 0 to 4096 [ 135.410734][ T6128] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6129] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6129] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6129] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6129] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6129] close(3) = 0 [pid 6129] mkdir("./file0", 0777) = 0 [pid 6129] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6129] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6129] chdir("./file0") = 0 [pid 6129] ioctl(4, LOOP_CLR_FD) = 0 [pid 6129] close(4) = 0 [pid 6129] exit_group(0) = ? [pid 6129] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6129, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1101/binderfs") = 0 umount2("./1101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1101/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1101") = 0 mkdir("./1102", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6130 ./strace-static-x86_64: Process 6130 attached [pid 6130] chdir("./1102") = 0 [pid 6130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6130] setpgid(0, 0) = 0 [pid 6130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6130] write(3, "1000", 4) = 4 [pid 6130] close(3) = 0 [pid 6130] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6130] memfd_create("syzkaller", 0) = 3 [pid 6130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 135.478503][ T6129] loop0: detected capacity change from 0 to 4096 [ 135.486817][ T6129] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6130] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6130] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6130] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6130] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6130] close(3) = 0 [pid 6130] mkdir("./file0", 0777) = 0 [pid 6130] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6130] chdir("./file0") = 0 [pid 6130] ioctl(4, LOOP_CLR_FD) = 0 [pid 6130] close(4) = 0 [pid 6130] exit_group(0) = ? [pid 6130] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6130, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- umount2("./1102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1102/binderfs") = 0 umount2("./1102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1102/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1102") = 0 mkdir("./1103", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6131 ./strace-static-x86_64: Process 6131 attached [pid 6131] chdir("./1103") = 0 [pid 6131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6131] setpgid(0, 0) = 0 [pid 6131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6131] write(3, "1000", 4) = 4 [pid 6131] close(3) = 0 [pid 6131] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6131] memfd_create("syzkaller", 0) = 3 [pid 6131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 135.555664][ T6130] loop0: detected capacity change from 0 to 4096 [ 135.563741][ T6130] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6131] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6131] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6131] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6131] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6131] close(3) = 0 [pid 6131] mkdir("./file0", 0777) = 0 [pid 6131] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6131] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6131] chdir("./file0") = 0 [pid 6131] ioctl(4, LOOP_CLR_FD) = 0 [pid 6131] close(4) = 0 [pid 6131] exit_group(0) = ? [pid 6131] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6131, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1103/binderfs") = 0 umount2("./1103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1103/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1103") = 0 mkdir("./1104", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6132 attached , child_tidptr=0x5555568435d0) = 6132 [pid 6132] chdir("./1104") = 0 [pid 6132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6132] setpgid(0, 0) = 0 [pid 6132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6132] write(3, "1000", 4) = 4 [pid 6132] close(3) = 0 [pid 6132] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6132] memfd_create("syzkaller", 0) = 3 [pid 6132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 135.638329][ T6131] loop0: detected capacity change from 0 to 4096 [ 135.646725][ T6131] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6132] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6132] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6132] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6132] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6132] close(3) = 0 [pid 6132] mkdir("./file0", 0777) = 0 [pid 6132] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6132] chdir("./file0") = 0 [pid 6132] ioctl(4, LOOP_CLR_FD) = 0 [pid 6132] close(4) = 0 [pid 6132] exit_group(0) = ? [pid 6132] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6132, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1104/binderfs") = 0 umount2("./1104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1104/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1104") = 0 mkdir("./1105", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 135.719811][ T6132] loop0: detected capacity change from 0 to 4096 [ 135.728057][ T6132] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6133 ./strace-static-x86_64: Process 6133 attached [pid 6133] chdir("./1105") = 0 [pid 6133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6133] setpgid(0, 0) = 0 [pid 6133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6133] write(3, "1000", 4) = 4 [pid 6133] close(3) = 0 [pid 6133] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6133] memfd_create("syzkaller", 0) = 3 [pid 6133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6133] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6133] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6133] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6133] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6133] close(3) = 0 [pid 6133] mkdir("./file0", 0777) = 0 [pid 6133] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6133] chdir("./file0") = 0 [pid 6133] ioctl(4, LOOP_CLR_FD) = 0 [pid 6133] close(4) = 0 [pid 6133] exit_group(0) = ? [pid 6133] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6133, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1105", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1105/binderfs") = 0 umount2("./1105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1105/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1105") = 0 mkdir("./1106", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6134 ./strace-static-x86_64: Process 6134 attached [pid 6134] chdir("./1106") = 0 [pid 6134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6134] setpgid(0, 0) = 0 [pid 6134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6134] write(3, "1000", 4) = 4 [ 135.808435][ T6133] loop0: detected capacity change from 0 to 4096 [ 135.816717][ T6133] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6134] close(3) = 0 [pid 6134] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6134] memfd_create("syzkaller", 0) = 3 [pid 6134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6134] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6134] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6134] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6134] close(3) = 0 [pid 6134] mkdir("./file0", 0777) = 0 [pid 6134] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6134] chdir("./file0") = 0 [pid 6134] ioctl(4, LOOP_CLR_FD) = 0 [pid 6134] close(4) = 0 [pid 6134] exit_group(0) = ? [pid 6134] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6134, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1106/binderfs") = 0 umount2("./1106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1106/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1106") = 0 mkdir("./1107", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6135 ./strace-static-x86_64: Process 6135 attached [pid 6135] chdir("./1107") = 0 [ 135.890870][ T6134] loop0: detected capacity change from 0 to 4096 [ 135.899365][ T6134] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6135] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6135] setpgid(0, 0) = 0 [pid 6135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6135] write(3, "1000", 4) = 4 [pid 6135] close(3) = 0 [pid 6135] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6135] memfd_create("syzkaller", 0) = 3 [pid 6135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6135] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6135] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6135] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6135] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6135] close(3) = 0 [pid 6135] mkdir("./file0", 0777) = 0 [pid 6135] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6135] chdir("./file0") = 0 [pid 6135] ioctl(4, LOOP_CLR_FD) = 0 [pid 6135] close(4) = 0 [pid 6135] exit_group(0) = ? [pid 6135] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6135, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1107/binderfs") = 0 umount2("./1107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1107/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1107") = 0 mkdir("./1108", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6136 ./strace-static-x86_64: Process 6136 attached [pid 6136] chdir("./1108") = 0 [pid 6136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 135.990865][ T6135] loop0: detected capacity change from 0 to 4096 [ 135.999218][ T6135] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6136] setpgid(0, 0) = 0 [pid 6136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6136] write(3, "1000", 4) = 4 [pid 6136] close(3) = 0 [pid 6136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6136] memfd_create("syzkaller", 0) = 3 [pid 6136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6136] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6136] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6136] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6136] close(3) = 0 [pid 6136] mkdir("./file0", 0777) = 0 [pid 6136] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6136] chdir("./file0") = 0 [pid 6136] ioctl(4, LOOP_CLR_FD) = 0 [pid 6136] close(4) = 0 [pid 6136] exit_group(0) = ? [pid 6136] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6136, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1108/binderfs") = 0 umount2("./1108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1108/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1108") = 0 mkdir("./1109", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 136.077644][ T6136] loop0: detected capacity change from 0 to 4096 [ 136.085870][ T6136] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6137 ./strace-static-x86_64: Process 6137 attached [pid 6137] chdir("./1109") = 0 [pid 6137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6137] setpgid(0, 0) = 0 [pid 6137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6137] write(3, "1000", 4) = 4 [pid 6137] close(3) = 0 [pid 6137] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6137] memfd_create("syzkaller", 0) = 3 [pid 6137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6137] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6137] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6137] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6137] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6137] close(3) = 0 [pid 6137] mkdir("./file0", 0777) = 0 [pid 6137] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6137] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6137] chdir("./file0") = 0 [pid 6137] ioctl(4, LOOP_CLR_FD) = 0 [pid 6137] close(4) = 0 [pid 6137] exit_group(0) = ? [pid 6137] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6137, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1109/binderfs") = 0 umount2("./1109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1109/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1109") = 0 mkdir("./1110", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6138 ./strace-static-x86_64: Process 6138 attached [pid 6138] chdir("./1110") = 0 [pid 6138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6138] setpgid(0, 0) = 0 [pid 6138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6138] write(3, "1000", 4) = 4 [pid 6138] close(3) = 0 [pid 6138] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6138] memfd_create("syzkaller", 0) = 3 [pid 6138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 136.167170][ T6137] loop0: detected capacity change from 0 to 4096 [ 136.175825][ T6137] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6138] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6138] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6138] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6138] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6138] close(3) = 0 [pid 6138] mkdir("./file0", 0777) = 0 [pid 6138] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6138] chdir("./file0") = 0 [pid 6138] ioctl(4, LOOP_CLR_FD) = 0 [pid 6138] close(4) = 0 [pid 6138] exit_group(0) = ? [pid 6138] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6138, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1110/binderfs") = 0 umount2("./1110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1110/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1110") = 0 mkdir("./1111", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6139 ./strace-static-x86_64: Process 6139 attached [pid 6139] chdir("./1111") = 0 [pid 6139] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 136.240782][ T6138] loop0: detected capacity change from 0 to 4096 [ 136.249165][ T6138] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6139] setpgid(0, 0) = 0 [pid 6139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6139] write(3, "1000", 4) = 4 [pid 6139] close(3) = 0 [pid 6139] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6139] memfd_create("syzkaller", 0) = 3 [pid 6139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6139] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6139] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6139] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6139] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6139] close(3) = 0 [pid 6139] mkdir("./file0", 0777) = 0 [pid 6139] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6139] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6139] chdir("./file0") = 0 [pid 6139] ioctl(4, LOOP_CLR_FD) = 0 [pid 6139] close(4) = 0 [pid 6139] exit_group(0) = ? [pid 6139] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6139, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1111/binderfs") = 0 umount2("./1111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1111/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1111") = 0 mkdir("./1112", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6140 ./strace-static-x86_64: Process 6140 attached [pid 6140] chdir("./1112") = 0 [pid 6140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6140] setpgid(0, 0) = 0 [pid 6140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6140] write(3, "1000", 4) = 4 [pid 6140] close(3) = 0 [pid 6140] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6140] memfd_create("syzkaller", 0) = 3 [pid 6140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 136.323075][ T6139] loop0: detected capacity change from 0 to 4096 [ 136.331705][ T6139] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6140] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6140] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6140] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6140] close(3) = 0 [pid 6140] mkdir("./file0", 0777) = 0 [pid 6140] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6140] chdir("./file0") = 0 [pid 6140] ioctl(4, LOOP_CLR_FD) = 0 [pid 6140] close(4) = 0 [pid 6140] exit_group(0) = ? [pid 6140] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6140, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1112/binderfs") = 0 umount2("./1112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1112/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1112") = 0 mkdir("./1113", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6141 ./strace-static-x86_64: Process 6141 attached [pid 6141] chdir("./1113") = 0 [pid 6141] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6141] setpgid(0, 0) = 0 [ 136.398683][ T6140] loop0: detected capacity change from 0 to 4096 [ 136.407405][ T6140] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6141] write(3, "1000", 4) = 4 [pid 6141] close(3) = 0 [pid 6141] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6141] memfd_create("syzkaller", 0) = 3 [pid 6141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6141] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6141] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6141] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6141] close(3) = 0 [pid 6141] mkdir("./file0", 0777) = 0 [pid 6141] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6141] chdir("./file0") = 0 [pid 6141] ioctl(4, LOOP_CLR_FD) = 0 [pid 6141] close(4) = 0 [pid 6141] exit_group(0) = ? [pid 6141] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6141, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1113/binderfs") = 0 umount2("./1113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1113/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1113") = 0 mkdir("./1114", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6142 ./strace-static-x86_64: Process 6142 attached [pid 6142] chdir("./1114") = 0 [pid 6142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6142] setpgid(0, 0) = 0 [pid 6142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6142] write(3, "1000", 4) = 4 [pid 6142] close(3) = 0 [pid 6142] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6142] memfd_create("syzkaller", 0) = 3 [pid 6142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 136.481533][ T6141] loop0: detected capacity change from 0 to 4096 [ 136.490162][ T6141] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6142] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6142] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6142] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6142] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6142] close(3) = 0 [pid 6142] mkdir("./file0", 0777) = 0 [pid 6142] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6142] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6142] chdir("./file0") = 0 [pid 6142] ioctl(4, LOOP_CLR_FD) = 0 [pid 6142] close(4) = 0 [pid 6142] exit_group(0) = ? [pid 6142] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6142, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1114/binderfs") = 0 umount2("./1114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1114/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1114") = 0 mkdir("./1115", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6143 ./strace-static-x86_64: Process 6143 attached [pid 6143] chdir("./1115") = 0 [pid 6143] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6143] setpgid(0, 0) = 0 [pid 6143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6143] write(3, "1000", 4) = 4 [pid 6143] close(3) = 0 [pid 6143] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6143] memfd_create("syzkaller", 0) = 3 [pid 6143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 136.562902][ T6142] loop0: detected capacity change from 0 to 4096 [ 136.571757][ T6142] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6143] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6143] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6143] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6143] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6143] close(3) = 0 [pid 6143] mkdir("./file0", 0777) = 0 [pid 6143] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6143] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6143] chdir("./file0") = 0 [pid 6143] ioctl(4, LOOP_CLR_FD) = 0 [pid 6143] close(4) = 0 [pid 6143] exit_group(0) = ? [pid 6143] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6143, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1115/binderfs") = 0 umount2("./1115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1115/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1115") = 0 mkdir("./1116", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6144 ./strace-static-x86_64: Process 6144 attached [pid 6144] chdir("./1116") = 0 [pid 6144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6144] setpgid(0, 0) = 0 [pid 6144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6144] write(3, "1000", 4) = 4 [pid 6144] close(3) = 0 [pid 6144] symlink("/dev/binderfs", "./binderfs") = 0 [ 136.640306][ T6143] loop0: detected capacity change from 0 to 4096 [ 136.648477][ T6143] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6144] memfd_create("syzkaller", 0) = 3 [pid 6144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6144] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6144] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6144] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6144] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6144] close(3) = 0 [pid 6144] mkdir("./file0", 0777) = 0 [pid 6144] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6144] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6144] chdir("./file0") = 0 [pid 6144] ioctl(4, LOOP_CLR_FD) = 0 [pid 6144] close(4) = 0 [pid 6144] exit_group(0) = ? [pid 6144] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6144, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1116/binderfs") = 0 umount2("./1116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1116/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1116") = 0 mkdir("./1117", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 136.727482][ T6144] loop0: detected capacity change from 0 to 4096 [ 136.735716][ T6144] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6145 ./strace-static-x86_64: Process 6145 attached [pid 6145] chdir("./1117") = 0 [pid 6145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6145] setpgid(0, 0) = 0 [pid 6145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6145] write(3, "1000", 4) = 4 [pid 6145] close(3) = 0 [pid 6145] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6145] memfd_create("syzkaller", 0) = 3 [pid 6145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6145] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6145] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6145] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6145] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6145] close(3) = 0 [pid 6145] mkdir("./file0", 0777) = 0 [pid 6145] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6145] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6145] chdir("./file0") = 0 [pid 6145] ioctl(4, LOOP_CLR_FD) = 0 [pid 6145] close(4) = 0 [pid 6145] exit_group(0) = ? [pid 6145] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6145, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1117/binderfs") = 0 umount2("./1117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1117/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1117") = 0 mkdir("./1118", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 136.819354][ T6145] loop0: detected capacity change from 0 to 4096 [ 136.828272][ T6145] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6146 attached , child_tidptr=0x5555568435d0) = 6146 [pid 6146] chdir("./1118") = 0 [pid 6146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6146] setpgid(0, 0) = 0 [pid 6146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6146] write(3, "1000", 4) = 4 [pid 6146] close(3) = 0 [pid 6146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6146] memfd_create("syzkaller", 0) = 3 [pid 6146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6146] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6146] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6146] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6146] close(3) = 0 [pid 6146] mkdir("./file0", 0777) = 0 [pid 6146] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6146] chdir("./file0") = 0 [pid 6146] ioctl(4, LOOP_CLR_FD) = 0 [pid 6146] close(4) = 0 [pid 6146] exit_group(0) = ? [pid 6146] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6146, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1118/binderfs") = 0 umount2("./1118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1118/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1118") = 0 mkdir("./1119", 0777) = 0 [ 136.904293][ T6146] loop0: detected capacity change from 0 to 4096 [ 136.912432][ T6146] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6147 ./strace-static-x86_64: Process 6147 attached [pid 6147] chdir("./1119") = 0 [pid 6147] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6147] setpgid(0, 0) = 0 [pid 6147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6147] write(3, "1000", 4) = 4 [pid 6147] close(3) = 0 [pid 6147] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6147] memfd_create("syzkaller", 0) = 3 [pid 6147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6147] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6147] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6147] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6147] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6147] close(3) = 0 [pid 6147] mkdir("./file0", 0777) = 0 [pid 6147] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6147] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6147] chdir("./file0") = 0 [pid 6147] ioctl(4, LOOP_CLR_FD) = 0 [pid 6147] close(4) = 0 [pid 6147] exit_group(0) = ? [pid 6147] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6147, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1119/binderfs") = 0 umount2("./1119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1119/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1119") = 0 mkdir("./1120", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6148 ./strace-static-x86_64: Process 6148 attached [pid 6148] chdir("./1120") = 0 [pid 6148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6148] setpgid(0, 0) = 0 [pid 6148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6148] write(3, "1000", 4) = 4 [pid 6148] close(3) = 0 [pid 6148] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6148] memfd_create("syzkaller", 0) = 3 [ 136.994648][ T6147] loop0: detected capacity change from 0 to 4096 [ 137.004183][ T6147] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6148] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6148] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6148] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6148] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6148] close(3) = 0 [pid 6148] mkdir("./file0", 0777) = 0 [pid 6148] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6148] chdir("./file0") = 0 [pid 6148] ioctl(4, LOOP_CLR_FD) = 0 [pid 6148] close(4) = 0 [pid 6148] exit_group(0) = ? [pid 6148] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6148, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1120/binderfs") = 0 umount2("./1120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1120/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1120") = 0 mkdir("./1121", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6149 ./strace-static-x86_64: Process 6149 attached [pid 6149] chdir("./1121") = 0 [pid 6149] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6149] setpgid(0, 0) = 0 [ 137.090815][ T6148] loop0: detected capacity change from 0 to 4096 [ 137.099327][ T6148] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6149] write(3, "1000", 4) = 4 [pid 6149] close(3) = 0 [pid 6149] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6149] memfd_create("syzkaller", 0) = 3 [pid 6149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6149] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6149] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6149] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6149] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6149] close(3) = 0 [pid 6149] mkdir("./file0", 0777) = 0 [pid 6149] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6149] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6149] chdir("./file0") = 0 [pid 6149] ioctl(4, LOOP_CLR_FD) = 0 [pid 6149] close(4) = 0 [pid 6149] exit_group(0) = ? [pid 6149] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6149, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1121/binderfs") = 0 umount2("./1121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1121/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1121") = 0 mkdir("./1122", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6150 ./strace-static-x86_64: Process 6150 attached [pid 6150] chdir("./1122") = 0 [pid 6150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6150] setpgid(0, 0) = 0 [pid 6150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6150] write(3, "1000", 4) = 4 [pid 6150] close(3) = 0 [pid 6150] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6150] memfd_create("syzkaller", 0) = 3 [pid 6150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 137.178318][ T6149] loop0: detected capacity change from 0 to 4096 [ 137.187136][ T6149] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6150] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6150] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6150] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6150] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6150] close(3) = 0 [pid 6150] mkdir("./file0", 0777) = 0 [pid 6150] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6150] chdir("./file0") = 0 [pid 6150] ioctl(4, LOOP_CLR_FD) = 0 [pid 6150] close(4) = 0 [pid 6150] exit_group(0) = ? [pid 6150] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6150, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1122", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1122/binderfs") = 0 umount2("./1122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1122/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1122") = 0 mkdir("./1123", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6151 ./strace-static-x86_64: Process 6151 attached [pid 6151] chdir("./1123") = 0 [pid 6151] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6151] setpgid(0, 0) = 0 [pid 6151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6151] write(3, "1000", 4) = 4 [pid 6151] close(3) = 0 [pid 6151] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6151] memfd_create("syzkaller", 0) = 3 [pid 6151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 137.259256][ T6150] loop0: detected capacity change from 0 to 4096 [ 137.267867][ T6150] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6151] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6151] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6151] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6151] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6151] close(3) = 0 [pid 6151] mkdir("./file0", 0777) = 0 [pid 6151] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6151] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6151] chdir("./file0") = 0 [pid 6151] ioctl(4, LOOP_CLR_FD) = 0 [pid 6151] close(4) = 0 [pid 6151] exit_group(0) = ? [pid 6151] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6151, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1123/binderfs") = 0 umount2("./1123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1123/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1123") = 0 mkdir("./1124", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6152 ./strace-static-x86_64: Process 6152 attached [pid 6152] chdir("./1124") = 0 [pid 6152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6152] setpgid(0, 0) = 0 [pid 6152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6152] write(3, "1000", 4) = 4 [pid 6152] close(3) = 0 [pid 6152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6152] memfd_create("syzkaller", 0) = 3 [pid 6152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 137.335593][ T6151] loop0: detected capacity change from 0 to 4096 [ 137.343896][ T6151] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6152] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6152] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6152] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6152] close(3) = 0 [pid 6152] mkdir("./file0", 0777) = 0 [pid 6152] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6152] chdir("./file0") = 0 [pid 6152] ioctl(4, LOOP_CLR_FD) = 0 [pid 6152] close(4) = 0 [pid 6152] exit_group(0) = ? [pid 6152] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6152, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1124/binderfs") = 0 umount2("./1124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1124/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1124/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1124") = 0 mkdir("./1125", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6153 attached , child_tidptr=0x5555568435d0) = 6153 [pid 6153] chdir("./1125") = 0 [pid 6153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6153] setpgid(0, 0) = 0 [pid 6153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6153] write(3, "1000", 4) = 4 [pid 6153] close(3) = 0 [pid 6153] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6153] memfd_create("syzkaller", 0) = 3 [pid 6153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 137.421329][ T6152] loop0: detected capacity change from 0 to 4096 [ 137.429819][ T6152] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6153] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6153] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6153] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6153] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6153] close(3) = 0 [pid 6153] mkdir("./file0", 0777) = 0 [pid 6153] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6153] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6153] chdir("./file0") = 0 [pid 6153] ioctl(4, LOOP_CLR_FD) = 0 [pid 6153] close(4) = 0 [pid 6153] exit_group(0) = ? [pid 6153] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6153, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1125/binderfs") = 0 umount2("./1125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1125/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1125/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1125") = 0 mkdir("./1126", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6154 ./strace-static-x86_64: Process 6154 attached [pid 6154] chdir("./1126") = 0 [pid 6154] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6154] setpgid(0, 0) = 0 [pid 6154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6154] write(3, "1000", 4) = 4 [pid 6154] close(3) = 0 [pid 6154] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6154] memfd_create("syzkaller", 0) = 3 [pid 6154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 137.500916][ T6153] loop0: detected capacity change from 0 to 4096 [ 137.509821][ T6153] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6154] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6154] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6154] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6154] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6154] close(3) = 0 [pid 6154] mkdir("./file0", 0777) = 0 [pid 6154] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6154] chdir("./file0") = 0 [pid 6154] ioctl(4, LOOP_CLR_FD) = 0 [pid 6154] close(4) = 0 [pid 6154] exit_group(0) = ? [pid 6154] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6154, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1126/binderfs") = 0 umount2("./1126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1126/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1126/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1126") = 0 mkdir("./1127", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6155 ./strace-static-x86_64: Process 6155 attached [pid 6155] chdir("./1127") = 0 [pid 6155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6155] setpgid(0, 0) = 0 [pid 6155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6155] write(3, "1000", 4) = 4 [pid 6155] close(3) = 0 [pid 6155] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6155] memfd_create("syzkaller", 0) = 3 [pid 6155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 137.582219][ T6154] loop0: detected capacity change from 0 to 4096 [ 137.590416][ T6154] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6155] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6155] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6155] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6155] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6155] close(3) = 0 [pid 6155] mkdir("./file0", 0777) = 0 [pid 6155] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6155] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6155] chdir("./file0") = 0 [pid 6155] ioctl(4, LOOP_CLR_FD) = 0 [pid 6155] close(4) = 0 [pid 6155] exit_group(0) = ? [pid 6155] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6155, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1127/binderfs") = 0 umount2("./1127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1127/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1127") = 0 mkdir("./1128", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6156 ./strace-static-x86_64: Process 6156 attached [pid 6156] chdir("./1128") = 0 [pid 6156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 137.660054][ T6155] loop0: detected capacity change from 0 to 4096 [ 137.668163][ T6155] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6156] setpgid(0, 0) = 0 [pid 6156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6156] write(3, "1000", 4) = 4 [pid 6156] close(3) = 0 [pid 6156] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6156] memfd_create("syzkaller", 0) = 3 [pid 6156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6156] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6156] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6156] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6156] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6156] close(3) = 0 [pid 6156] mkdir("./file0", 0777) = 0 [pid 6156] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6156] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6156] chdir("./file0") = 0 [pid 6156] ioctl(4, LOOP_CLR_FD) = 0 [pid 6156] close(4) = 0 [pid 6156] exit_group(0) = ? [pid 6156] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6156, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- umount2("./1128", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1128/binderfs") = 0 umount2("./1128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1128/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1128") = 0 mkdir("./1129", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6157 ./strace-static-x86_64: Process 6157 attached [pid 6157] chdir("./1129") = 0 [pid 6157] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6157] setpgid(0, 0) = 0 [pid 6157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6157] write(3, "1000", 4) = 4 [pid 6157] close(3) = 0 [pid 6157] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6157] memfd_create("syzkaller", 0) = 3 [pid 6157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 137.746919][ T6156] loop0: detected capacity change from 0 to 4096 [ 137.755064][ T6156] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6157] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6157] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6157] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6157] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6157] close(3) = 0 [pid 6157] mkdir("./file0", 0777) = 0 [pid 6157] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6157] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6157] chdir("./file0") = 0 [pid 6157] ioctl(4, LOOP_CLR_FD) = 0 [pid 6157] close(4) = 0 [pid 6157] exit_group(0) = ? [pid 6157] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6157, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1129/binderfs") = 0 umount2("./1129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1129/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1129") = 0 mkdir("./1130", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6158 ./strace-static-x86_64: Process 6158 attached [pid 6158] chdir("./1130") = 0 [pid 6158] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6158] setpgid(0, 0) = 0 [pid 6158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6158] write(3, "1000", 4) = 4 [pid 6158] close(3) = 0 [pid 6158] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6158] memfd_create("syzkaller", 0) = 3 [ 137.820351][ T6157] loop0: detected capacity change from 0 to 4096 [ 137.828995][ T6157] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6158] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6158] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6158] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6158] close(3) = 0 [pid 6158] mkdir("./file0", 0777) = 0 [pid 6158] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6158] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6158] chdir("./file0") = 0 [pid 6158] ioctl(4, LOOP_CLR_FD) = 0 [pid 6158] close(4) = 0 [pid 6158] exit_group(0) = ? [pid 6158] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6158, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1130/binderfs") = 0 umount2("./1130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1130/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1130") = 0 mkdir("./1131", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6159 ./strace-static-x86_64: Process 6159 attached [pid 6159] chdir("./1131") = 0 [pid 6159] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6159] setpgid(0, 0) = 0 [pid 6159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6159] write(3, "1000", 4) = 4 [pid 6159] close(3) = 0 [pid 6159] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6159] memfd_create("syzkaller", 0) = 3 [pid 6159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 137.899023][ T6158] loop0: detected capacity change from 0 to 4096 [ 137.907431][ T6158] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6159] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6159] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6159] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6159] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6159] close(3) = 0 [pid 6159] mkdir("./file0", 0777) = 0 [pid 6159] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6159] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6159] chdir("./file0") = 0 [pid 6159] ioctl(4, LOOP_CLR_FD) = 0 [pid 6159] close(4) = 0 [pid 6159] exit_group(0) = ? [pid 6159] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6159, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1131/binderfs") = 0 umount2("./1131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1131/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1131/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1131") = 0 mkdir("./1132", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6160 ./strace-static-x86_64: Process 6160 attached [pid 6160] chdir("./1132") = 0 [pid 6160] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6160] setpgid(0, 0) = 0 [pid 6160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6160] write(3, "1000", 4) = 4 [pid 6160] close(3) = 0 [pid 6160] symlink("/dev/binderfs", "./binderfs") = 0 [ 137.978557][ T6159] loop0: detected capacity change from 0 to 4096 [ 137.987928][ T6159] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6160] memfd_create("syzkaller", 0) = 3 [pid 6160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6160] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6160] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6160] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6160] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6160] close(3) = 0 [pid 6160] mkdir("./file0", 0777) = 0 [pid 6160] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6160] chdir("./file0") = 0 [pid 6160] ioctl(4, LOOP_CLR_FD) = 0 [pid 6160] close(4) = 0 [pid 6160] exit_group(0) = ? [pid 6160] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6160, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1132/binderfs") = 0 umount2("./1132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1132/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1132/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1132") = 0 mkdir("./1133", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6161 attached , child_tidptr=0x5555568435d0) = 6161 [pid 6161] chdir("./1133") = 0 [pid 6161] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6161] setpgid(0, 0) = 0 [pid 6161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6161] write(3, "1000", 4) = 4 [pid 6161] close(3) = 0 [pid 6161] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6161] memfd_create("syzkaller", 0) = 3 [pid 6161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 138.069834][ T6160] loop0: detected capacity change from 0 to 4096 [ 138.078374][ T6160] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6161] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6161] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6161] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6161] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6161] close(3) = 0 [pid 6161] mkdir("./file0", 0777) = 0 [pid 6161] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6161] chdir("./file0") = 0 [pid 6161] ioctl(4, LOOP_CLR_FD) = 0 [pid 6161] close(4) = 0 [pid 6161] exit_group(0) = ? [pid 6161] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6161, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1133/binderfs") = 0 umount2("./1133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1133/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1133/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1133") = 0 mkdir("./1134", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6162 ./strace-static-x86_64: Process 6162 attached [pid 6162] chdir("./1134") = 0 [pid 6162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6162] setpgid(0, 0) = 0 [pid 6162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6162] write(3, "1000", 4) = 4 [pid 6162] close(3) = 0 [pid 6162] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6162] memfd_create("syzkaller", 0) = 3 [pid 6162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 138.150206][ T6161] loop0: detected capacity change from 0 to 4096 [ 138.159003][ T6161] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6162] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6162] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6162] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6162] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6162] close(3) = 0 [pid 6162] mkdir("./file0", 0777) = 0 [pid 6162] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6162] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6162] chdir("./file0") = 0 [pid 6162] ioctl(4, LOOP_CLR_FD) = 0 [pid 6162] close(4) = 0 [pid 6162] exit_group(0) = ? [pid 6162] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6162, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1134/binderfs") = 0 umount2("./1134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1134/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1134") = 0 mkdir("./1135", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 138.230132][ T6162] loop0: detected capacity change from 0 to 4096 [ 138.238667][ T6162] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6163 attached [pid 6163] chdir("./1135") = 0 [pid 6163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6163] setpgid(0, 0) = 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6163 [pid 6163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6163] write(3, "1000", 4) = 4 [pid 6163] close(3) = 0 [pid 6163] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6163] memfd_create("syzkaller", 0) = 3 [pid 6163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6163] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6163] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6163] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6163] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6163] close(3) = 0 [pid 6163] mkdir("./file0", 0777) = 0 [pid 6163] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6163] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6163] chdir("./file0") = 0 [pid 6163] ioctl(4, LOOP_CLR_FD) = 0 [pid 6163] close(4) = 0 [pid 6163] exit_group(0) = ? [pid 6163] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6163, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1135/binderfs") = 0 umount2("./1135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1135/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1135") = 0 mkdir("./1136", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6164 ./strace-static-x86_64: Process 6164 attached [pid 6164] chdir("./1136") = 0 [pid 6164] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6164] setpgid(0, 0) = 0 [pid 6164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6164] write(3, "1000", 4) = 4 [pid 6164] close(3) = 0 [pid 6164] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6164] memfd_create("syzkaller", 0) = 3 [pid 6164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 138.319588][ T6163] loop0: detected capacity change from 0 to 4096 [ 138.328115][ T6163] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6164] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6164] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6164] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6164] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6164] close(3) = 0 [pid 6164] mkdir("./file0", 0777) = 0 [pid 6164] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6164] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6164] chdir("./file0") = 0 [pid 6164] ioctl(4, LOOP_CLR_FD) = 0 [pid 6164] close(4) = 0 [pid 6164] exit_group(0) = ? [pid 6164] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6164, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1136/binderfs") = 0 umount2("./1136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1136/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1136") = 0 mkdir("./1137", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6165 ./strace-static-x86_64: Process 6165 attached [pid 6165] chdir("./1137") = 0 [pid 6165] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6165] setpgid(0, 0) = 0 [pid 6165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6165] write(3, "1000", 4) = 4 [pid 6165] close(3) = 0 [pid 6165] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6165] memfd_create("syzkaller", 0) = 3 [pid 6165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 138.391191][ T6164] loop0: detected capacity change from 0 to 4096 [ 138.399708][ T6164] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6165] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6165] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6165] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6165] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6165] close(3) = 0 [pid 6165] mkdir("./file0", 0777) = 0 [pid 6165] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6165] chdir("./file0") = 0 [pid 6165] ioctl(4, LOOP_CLR_FD) = 0 [pid 6165] close(4) = 0 [pid 6165] exit_group(0) = ? [pid 6165] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6165, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1137", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1137/binderfs") = 0 umount2("./1137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1137/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1137") = 0 mkdir("./1138", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 138.469991][ T6165] loop0: detected capacity change from 0 to 4096 [ 138.478699][ T6165] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6166 ./strace-static-x86_64: Process 6166 attached [pid 6166] chdir("./1138") = 0 [pid 6166] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6166] setpgid(0, 0) = 0 [pid 6166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6166] write(3, "1000", 4) = 4 [pid 6166] close(3) = 0 [pid 6166] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6166] memfd_create("syzkaller", 0) = 3 [pid 6166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6166] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6166] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6166] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6166] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6166] close(3) = 0 [pid 6166] mkdir("./file0", 0777) = 0 [pid 6166] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6166] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6166] chdir("./file0") = 0 [pid 6166] ioctl(4, LOOP_CLR_FD) = 0 [pid 6166] close(4) = 0 [pid 6166] exit_group(0) = ? [pid 6166] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6166, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1138/binderfs") = 0 umount2("./1138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1138/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1138/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1138") = 0 mkdir("./1139", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6167 ./strace-static-x86_64: Process 6167 attached [pid 6167] chdir("./1139") = 0 [pid 6167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6167] setpgid(0, 0) = 0 [pid 6167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6167] write(3, "1000", 4) = 4 [pid 6167] close(3) = 0 [pid 6167] symlink("/dev/binderfs", "./binderfs") = 0 [ 138.557983][ T6166] loop0: detected capacity change from 0 to 4096 [ 138.566879][ T6166] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6167] memfd_create("syzkaller", 0) = 3 [pid 6167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6167] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6167] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6167] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6167] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6167] close(3) = 0 [pid 6167] mkdir("./file0", 0777) = 0 [pid 6167] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6167] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6167] chdir("./file0") = 0 [pid 6167] ioctl(4, LOOP_CLR_FD) = 0 [pid 6167] close(4) = 0 [pid 6167] exit_group(0) = ? [pid 6167] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6167, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1139/binderfs") = 0 umount2("./1139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1139/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1139/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1139") = 0 mkdir("./1140", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 138.643766][ T6167] loop0: detected capacity change from 0 to 4096 [ 138.652463][ T6167] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6168 ./strace-static-x86_64: Process 6168 attached [pid 6168] chdir("./1140") = 0 [pid 6168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6168] setpgid(0, 0) = 0 [pid 6168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6168] write(3, "1000", 4) = 4 [pid 6168] close(3) = 0 [pid 6168] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6168] memfd_create("syzkaller", 0) = 3 [pid 6168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6168] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6168] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6168] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6168] close(3) = 0 [pid 6168] mkdir("./file0", 0777) = 0 [pid 6168] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6168] chdir("./file0") = 0 [pid 6168] ioctl(4, LOOP_CLR_FD) = 0 [pid 6168] close(4) = 0 [pid 6168] exit_group(0) = ? [pid 6168] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6168, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1140", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1140/binderfs") = 0 umount2("./1140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1140/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1140/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1140") = 0 mkdir("./1141", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6169 ./strace-static-x86_64: Process 6169 attached [pid 6169] chdir("./1141") = 0 [pid 6169] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6169] setpgid(0, 0) = 0 [pid 6169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6169] write(3, "1000", 4) = 4 [pid 6169] close(3) = 0 [ 138.733672][ T6168] loop0: detected capacity change from 0 to 4096 [ 138.742164][ T6168] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6169] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6169] memfd_create("syzkaller", 0) = 3 [pid 6169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6169] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6169] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6169] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6169] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6169] close(3) = 0 [pid 6169] mkdir("./file0", 0777) = 0 [pid 6169] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6169] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6169] chdir("./file0") = 0 [pid 6169] ioctl(4, LOOP_CLR_FD) = 0 [pid 6169] close(4) = 0 [pid 6169] exit_group(0) = ? [pid 6169] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6169, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1141/binderfs") = 0 umount2("./1141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1141/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1141/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1141") = 0 mkdir("./1142", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6170 ./strace-static-x86_64: Process 6170 attached [pid 6170] chdir("./1142") = 0 [pid 6170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6170] setpgid(0, 0) = 0 [pid 6170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6170] write(3, "1000", 4) = 4 [pid 6170] close(3) = 0 [pid 6170] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6170] memfd_create("syzkaller", 0) = 3 [pid 6170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 138.814635][ T6169] loop0: detected capacity change from 0 to 4096 [ 138.823111][ T6169] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6170] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6170] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6170] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6170] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6170] close(3) = 0 [pid 6170] mkdir("./file0", 0777) = 0 [pid 6170] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6170] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6170] chdir("./file0") = 0 [pid 6170] ioctl(4, LOOP_CLR_FD) = 0 [pid 6170] close(4) = 0 [pid 6170] exit_group(0) = ? [pid 6170] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6170, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1142", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1142/binderfs") = 0 umount2("./1142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1142/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1142/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1142") = 0 mkdir("./1143", 0777) = 0 [ 138.891764][ T6170] loop0: detected capacity change from 0 to 4096 [ 138.900239][ T6170] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6171 ./strace-static-x86_64: Process 6171 attached [pid 6171] chdir("./1143") = 0 [pid 6171] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6171] setpgid(0, 0) = 0 [pid 6171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6171] write(3, "1000", 4) = 4 [pid 6171] close(3) = 0 [pid 6171] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6171] memfd_create("syzkaller", 0) = 3 [pid 6171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6171] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6171] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6171] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6171] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6171] close(3) = 0 [pid 6171] mkdir("./file0", 0777) = 0 [pid 6171] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6171] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6171] chdir("./file0") = 0 [pid 6171] ioctl(4, LOOP_CLR_FD) = 0 [pid 6171] close(4) = 0 [pid 6171] exit_group(0) = ? [pid 6171] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6171, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1143/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1143/binderfs") = 0 umount2("./1143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1143/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1143/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1143") = 0 mkdir("./1144", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6172 ./strace-static-x86_64: Process 6172 attached [pid 6172] chdir("./1144") = 0 [pid 6172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6172] setpgid(0, 0) = 0 [pid 6172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6172] write(3, "1000", 4) = 4 [pid 6172] close(3) = 0 [pid 6172] symlink("/dev/binderfs", "./binderfs") = 0 [ 138.982089][ T6171] loop0: detected capacity change from 0 to 4096 [ 138.990581][ T6171] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6172] memfd_create("syzkaller", 0) = 3 [pid 6172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6172] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6172] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6172] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6172] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6172] close(3) = 0 [pid 6172] mkdir("./file0", 0777) = 0 [pid 6172] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6172] chdir("./file0") = 0 [pid 6172] ioctl(4, LOOP_CLR_FD) = 0 [pid 6172] close(4) = 0 [pid 6172] exit_group(0) = ? [pid 6172] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6172, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1144", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1144/binderfs") = 0 umount2("./1144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1144/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1144/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1144") = 0 mkdir("./1145", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 139.063506][ T6172] loop0: detected capacity change from 0 to 4096 [ 139.072244][ T6172] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6173 ./strace-static-x86_64: Process 6173 attached [pid 6173] chdir("./1145") = 0 [pid 6173] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6173] setpgid(0, 0) = 0 [pid 6173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6173] write(3, "1000", 4) = 4 [pid 6173] close(3) = 0 [pid 6173] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6173] memfd_create("syzkaller", 0) = 3 [pid 6173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6173] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6173] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6173] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6173] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6173] close(3) = 0 [pid 6173] mkdir("./file0", 0777) = 0 [pid 6173] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6173] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6173] chdir("./file0") = 0 [pid 6173] ioctl(4, LOOP_CLR_FD) = 0 [pid 6173] close(4) = 0 [pid 6173] exit_group(0) = ? [pid 6173] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6173, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1145", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1145/binderfs") = 0 umount2("./1145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1145/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1145/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1145") = 0 mkdir("./1146", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 139.150018][ T6173] loop0: detected capacity change from 0 to 4096 [ 139.158287][ T6173] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6174 ./strace-static-x86_64: Process 6174 attached [pid 6174] chdir("./1146") = 0 [pid 6174] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6174] setpgid(0, 0) = 0 [pid 6174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6174] write(3, "1000", 4) = 4 [pid 6174] close(3) = 0 [pid 6174] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6174] memfd_create("syzkaller", 0) = 3 [pid 6174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6174] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6174] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6174] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6174] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6174] close(3) = 0 [pid 6174] mkdir("./file0", 0777) = 0 [pid 6174] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6174] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6174] chdir("./file0") = 0 [pid 6174] ioctl(4, LOOP_CLR_FD) = 0 [pid 6174] close(4) = 0 [pid 6174] exit_group(0) = ? [pid 6174] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6174, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1146/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1146/binderfs") = 0 umount2("./1146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1146/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1146/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1146") = 0 mkdir("./1147", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6175 ./strace-static-x86_64: Process 6175 attached [pid 6175] chdir("./1147") = 0 [pid 6175] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6175] setpgid(0, 0) = 0 [pid 6175] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6175] write(3, "1000", 4) = 4 [pid 6175] close(3) = 0 [pid 6175] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6175] memfd_create("syzkaller", 0) = 3 [pid 6175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 139.241123][ T6174] loop0: detected capacity change from 0 to 4096 [ 139.249384][ T6174] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6175] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6175] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6175] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6175] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6175] close(3) = 0 [pid 6175] mkdir("./file0", 0777) = 0 [pid 6175] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6175] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6175] chdir("./file0") = 0 [pid 6175] ioctl(4, LOOP_CLR_FD) = 0 [pid 6175] close(4) = 0 [pid 6175] exit_group(0) = ? [pid 6175] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6175, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1147", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1147/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1147/binderfs") = 0 umount2("./1147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1147/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1147/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1147") = 0 mkdir("./1148", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 139.316473][ T6175] loop0: detected capacity change from 0 to 4096 [ 139.325299][ T6175] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6176 ./strace-static-x86_64: Process 6176 attached [pid 6176] chdir("./1148") = 0 [pid 6176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6176] setpgid(0, 0) = 0 [pid 6176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6176] write(3, "1000", 4) = 4 [pid 6176] close(3) = 0 [pid 6176] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6176] memfd_create("syzkaller", 0) = 3 [pid 6176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6176] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6176] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6176] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6176] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6176] close(3) = 0 [pid 6176] mkdir("./file0", 0777) = 0 [pid 6176] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6176] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6176] chdir("./file0") = 0 [pid 6176] ioctl(4, LOOP_CLR_FD) = 0 [pid 6176] close(4) = 0 [pid 6176] exit_group(0) = ? [pid 6176] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6176, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1148", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1148/binderfs") = 0 umount2("./1148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1148/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1148/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1148") = 0 mkdir("./1149", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6177 ./strace-static-x86_64: Process 6177 attached [pid 6177] chdir("./1149") = 0 [pid 6177] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6177] setpgid(0, 0) = 0 [pid 6177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6177] write(3, "1000", 4) = 4 [pid 6177] close(3) = 0 [pid 6177] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6177] memfd_create("syzkaller", 0) = 3 [pid 6177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 139.401087][ T6176] loop0: detected capacity change from 0 to 4096 [ 139.409688][ T6176] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6177] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6177] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6177] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6177] close(3) = 0 [pid 6177] mkdir("./file0", 0777) = 0 [pid 6177] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6177] chdir("./file0") = 0 [pid 6177] ioctl(4, LOOP_CLR_FD) = 0 [pid 6177] close(4) = 0 [pid 6177] exit_group(0) = ? [pid 6177] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6177, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1149", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1149/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1149/binderfs") = 0 umount2("./1149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1149/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1149/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1149") = 0 mkdir("./1150", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6178 ./strace-static-x86_64: Process 6178 attached [pid 6178] chdir("./1150") = 0 [pid 6178] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6178] setpgid(0, 0) = 0 [pid 6178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6178] write(3, "1000", 4) = 4 [pid 6178] close(3) = 0 [pid 6178] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6178] memfd_create("syzkaller", 0) = 3 [pid 6178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 139.485601][ T6177] loop0: detected capacity change from 0 to 4096 [ 139.494733][ T6177] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6178] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6178] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6178] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6178] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6178] close(3) = 0 [pid 6178] mkdir("./file0", 0777) = 0 [pid 6178] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6178] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6178] chdir("./file0") = 0 [pid 6178] ioctl(4, LOOP_CLR_FD) = 0 [pid 6178] close(4) = 0 [pid 6178] exit_group(0) = ? [pid 6178] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6178, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1150", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1150/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1150/binderfs") = 0 umount2("./1150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1150/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1150/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1150") = 0 mkdir("./1151", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6179 ./strace-static-x86_64: Process 6179 attached [pid 6179] chdir("./1151") = 0 [pid 6179] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6179] setpgid(0, 0) = 0 [pid 6179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6179] write(3, "1000", 4) = 4 [pid 6179] close(3) = 0 [pid 6179] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6179] memfd_create("syzkaller", 0) = 3 [pid 6179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 139.568155][ T6178] loop0: detected capacity change from 0 to 4096 [ 139.576330][ T6178] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6179] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6179] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6179] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6179] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6179] close(3) = 0 [pid 6179] mkdir("./file0", 0777) = 0 [pid 6179] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6179] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6179] chdir("./file0") = 0 [pid 6179] ioctl(4, LOOP_CLR_FD) = 0 [pid 6179] close(4) = 0 [pid 6179] exit_group(0) = ? [pid 6179] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6179, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1151", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1151/binderfs") = 0 umount2("./1151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1151/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1151/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1151") = 0 mkdir("./1152", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6180 attached , child_tidptr=0x5555568435d0) = 6180 [pid 6180] chdir("./1152") = 0 [pid 6180] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6180] setpgid(0, 0) = 0 [pid 6180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6180] write(3, "1000", 4) = 4 [pid 6180] close(3) = 0 [pid 6180] symlink("/dev/binderfs", "./binderfs") = 0 [ 139.647676][ T6179] loop0: detected capacity change from 0 to 4096 [ 139.655938][ T6179] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6180] memfd_create("syzkaller", 0) = 3 [pid 6180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6180] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6180] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6180] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6180] close(3) = 0 [pid 6180] mkdir("./file0", 0777) = 0 [pid 6180] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6180] chdir("./file0") = 0 [pid 6180] ioctl(4, LOOP_CLR_FD) = 0 [pid 6180] close(4) = 0 [pid 6180] exit_group(0) = ? [pid 6180] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6180, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1152", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1152/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1152/binderfs") = 0 umount2("./1152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1152/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1152/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1152") = 0 mkdir("./1153", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6181 attached , child_tidptr=0x5555568435d0) = 6181 [pid 6181] chdir("./1153") = 0 [pid 6181] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6181] setpgid(0, 0) = 0 [pid 6181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6181] write(3, "1000", 4) = 4 [pid 6181] close(3) = 0 [pid 6181] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6181] memfd_create("syzkaller", 0) = 3 [ 139.729122][ T6180] loop0: detected capacity change from 0 to 4096 [ 139.737248][ T6180] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6181] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6181] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6181] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6181] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6181] close(3) = 0 [pid 6181] mkdir("./file0", 0777) = 0 [pid 6181] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6181] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6181] chdir("./file0") = 0 [pid 6181] ioctl(4, LOOP_CLR_FD) = 0 [pid 6181] close(4) = 0 [pid 6181] exit_group(0) = ? [pid 6181] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6181, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1153", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1153/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1153/binderfs") = 0 umount2("./1153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1153/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1153/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1153") = 0 mkdir("./1154", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6182 ./strace-static-x86_64: Process 6182 attached [pid 6182] chdir("./1154") = 0 [pid 6182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6182] setpgid(0, 0) = 0 [pid 6182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6182] write(3, "1000", 4) = 4 [pid 6182] close(3) = 0 [pid 6182] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6182] memfd_create("syzkaller", 0) = 3 [pid 6182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 139.817715][ T6181] loop0: detected capacity change from 0 to 4096 [ 139.825941][ T6181] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6182] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6182] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6182] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6182] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6182] close(3) = 0 [pid 6182] mkdir("./file0", 0777) = 0 [pid 6182] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6182] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6182] chdir("./file0") = 0 [pid 6182] ioctl(4, LOOP_CLR_FD) = 0 [pid 6182] close(4) = 0 [pid 6182] exit_group(0) = ? [pid 6182] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6182, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1154", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1154/binderfs") = 0 umount2("./1154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1154/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1154/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1154") = 0 mkdir("./1155", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6183 ./strace-static-x86_64: Process 6183 attached [pid 6183] chdir("./1155") = 0 [pid 6183] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6183] setpgid(0, 0) = 0 [pid 6183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6183] write(3, "1000", 4) = 4 [pid 6183] close(3) = 0 [pid 6183] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6183] memfd_create("syzkaller", 0) = 3 [pid 6183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 139.900935][ T6182] loop0: detected capacity change from 0 to 4096 [ 139.909496][ T6182] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6183] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6183] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6183] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6183] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6183] close(3) = 0 [pid 6183] mkdir("./file0", 0777) = 0 [pid 6183] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6183] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6183] chdir("./file0") = 0 [pid 6183] ioctl(4, LOOP_CLR_FD) = 0 [pid 6183] close(4) = 0 [pid 6183] exit_group(0) = ? [pid 6183] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6183, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1155", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1155/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1155/binderfs") = 0 umount2("./1155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1155/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1155/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1155") = 0 mkdir("./1156", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 139.983564][ T6183] loop0: detected capacity change from 0 to 4096 [ 139.992111][ T6183] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6184 ./strace-static-x86_64: Process 6184 attached [pid 6184] chdir("./1156") = 0 [pid 6184] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6184] setpgid(0, 0) = 0 [pid 6184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6184] write(3, "1000", 4) = 4 [pid 6184] close(3) = 0 [pid 6184] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6184] memfd_create("syzkaller", 0) = 3 [pid 6184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6184] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6184] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6184] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6184] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6184] close(3) = 0 [pid 6184] mkdir("./file0", 0777) = 0 [pid 6184] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6184] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6184] chdir("./file0") = 0 [pid 6184] ioctl(4, LOOP_CLR_FD) = 0 [pid 6184] close(4) = 0 [pid 6184] exit_group(0) = ? [pid 6184] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6184, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1156", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1156", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1156/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1156/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1156/binderfs") = 0 umount2("./1156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1156/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1156/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1156/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1156") = 0 mkdir("./1157", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6185 ./strace-static-x86_64: Process 6185 attached [pid 6185] chdir("./1157") = 0 [pid 6185] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6185] setpgid(0, 0) = 0 [pid 6185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6185] write(3, "1000", 4) = 4 [pid 6185] close(3) = 0 [pid 6185] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6185] memfd_create("syzkaller", 0) = 3 [pid 6185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 140.071598][ T6184] loop0: detected capacity change from 0 to 4096 [ 140.080208][ T6184] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6185] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6185] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6185] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6185] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6185] close(3) = 0 [pid 6185] mkdir("./file0", 0777) = 0 [pid 6185] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6185] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6185] chdir("./file0") = 0 [pid 6185] ioctl(4, LOOP_CLR_FD) = 0 [pid 6185] close(4) = 0 [pid 6185] exit_group(0) = ? [pid 6185] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6185, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1157", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1157", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1157/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1157/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1157/binderfs") = 0 umount2("./1157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1157/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1157/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1157/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1157") = 0 mkdir("./1158", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 140.148371][ T6185] loop0: detected capacity change from 0 to 4096 [ 140.157244][ T6185] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6186 attached , child_tidptr=0x5555568435d0) = 6186 [pid 6186] chdir("./1158") = 0 [pid 6186] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6186] setpgid(0, 0) = 0 [pid 6186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6186] write(3, "1000", 4) = 4 [pid 6186] close(3) = 0 [pid 6186] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6186] memfd_create("syzkaller", 0) = 3 [pid 6186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6186] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6186] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6186] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6186] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6186] close(3) = 0 [pid 6186] mkdir("./file0", 0777) = 0 [pid 6186] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6186] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6186] chdir("./file0") = 0 [pid 6186] ioctl(4, LOOP_CLR_FD) = 0 [pid 6186] close(4) = 0 [pid 6186] exit_group(0) = ? [pid 6186] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6186, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1158", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1158", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1158/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1158/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1158/binderfs") = 0 umount2("./1158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1158/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1158/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1158/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1158") = 0 mkdir("./1159", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6187 ./strace-static-x86_64: Process 6187 attached [pid 6187] chdir("./1159") = 0 [pid 6187] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6187] setpgid(0, 0) = 0 [pid 6187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6187] write(3, "1000", 4) = 4 [pid 6187] close(3) = 0 [pid 6187] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6187] memfd_create("syzkaller", 0) = 3 [pid 6187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 140.240649][ T6186] loop0: detected capacity change from 0 to 4096 [ 140.249088][ T6186] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6187] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6187] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6187] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6187] close(3) = 0 [pid 6187] mkdir("./file0", 0777) = 0 [pid 6187] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6187] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6187] chdir("./file0") = 0 [pid 6187] ioctl(4, LOOP_CLR_FD) = 0 [pid 6187] close(4) = 0 [pid 6187] exit_group(0) = ? [pid 6187] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6187, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1159", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1159", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1159/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1159/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1159/binderfs") = 0 umount2("./1159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1159/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1159/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1159/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1159") = 0 mkdir("./1160", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6188 ./strace-static-x86_64: Process 6188 attached [pid 6188] chdir("./1160") = 0 [pid 6188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6188] setpgid(0, 0) = 0 [pid 6188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6188] write(3, "1000", 4) = 4 [pid 6188] close(3) = 0 [pid 6188] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6188] memfd_create("syzkaller", 0) = 3 [ 140.319570][ T6187] loop0: detected capacity change from 0 to 4096 [ 140.328082][ T6187] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6188] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6188] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6188] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6188] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6188] close(3) = 0 [pid 6188] mkdir("./file0", 0777) = 0 [pid 6188] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6188] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6188] chdir("./file0") = 0 [pid 6188] ioctl(4, LOOP_CLR_FD) = 0 [pid 6188] close(4) = 0 [pid 6188] exit_group(0) = ? [pid 6188] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6188, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1160", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1160", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1160/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1160/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1160/binderfs") = 0 umount2("./1160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1160/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1160/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1160/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1160") = 0 mkdir("./1161", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 140.402935][ T6188] loop0: detected capacity change from 0 to 4096 [ 140.411429][ T6188] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6189 ./strace-static-x86_64: Process 6189 attached [pid 6189] chdir("./1161") = 0 [pid 6189] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6189] setpgid(0, 0) = 0 [pid 6189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6189] write(3, "1000", 4) = 4 [pid 6189] close(3) = 0 [pid 6189] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6189] memfd_create("syzkaller", 0) = 3 [pid 6189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6189] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6189] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6189] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6189] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6189] close(3) = 0 [pid 6189] mkdir("./file0", 0777) = 0 [pid 6189] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6189] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6189] chdir("./file0") = 0 [pid 6189] ioctl(4, LOOP_CLR_FD) = 0 [pid 6189] close(4) = 0 [pid 6189] exit_group(0) = ? [pid 6189] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6189, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1161", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1161", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1161/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1161/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 140.493136][ T6189] loop0: detected capacity change from 0 to 4096 [ 140.501707][ T6189] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). unlink("./1161/binderfs") = 0 umount2("./1161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1161/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1161/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1161/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1161") = 0 mkdir("./1162", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6190 ./strace-static-x86_64: Process 6190 attached [pid 6190] chdir("./1162") = 0 [pid 6190] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6190] setpgid(0, 0) = 0 [pid 6190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6190] write(3, "1000", 4) = 4 [pid 6190] close(3) = 0 [pid 6190] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6190] memfd_create("syzkaller", 0) = 3 [pid 6190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6190] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6190] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6190] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6190] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6190] close(3) = 0 [pid 6190] mkdir("./file0", 0777) = 0 [pid 6190] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6190] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6190] chdir("./file0") = 0 [pid 6190] ioctl(4, LOOP_CLR_FD) = 0 [pid 6190] close(4) = 0 [pid 6190] exit_group(0) = ? [pid 6190] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6190, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1162", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1162", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1162/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1162/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1162/binderfs") = 0 umount2("./1162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1162/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1162/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1162/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1162") = 0 mkdir("./1163", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6191 ./strace-static-x86_64: Process 6191 attached [pid 6191] chdir("./1163") = 0 [ 140.604618][ T6190] loop0: detected capacity change from 0 to 4096 [ 140.613315][ T6190] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6191] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6191] setpgid(0, 0) = 0 [pid 6191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6191] write(3, "1000", 4) = 4 [pid 6191] close(3) = 0 [pid 6191] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6191] memfd_create("syzkaller", 0) = 3 [pid 6191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6191] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6191] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6191] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6191] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6191] close(3) = 0 [pid 6191] mkdir("./file0", 0777) = 0 [pid 6191] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6191] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6191] chdir("./file0") = 0 [pid 6191] ioctl(4, LOOP_CLR_FD) = 0 [pid 6191] close(4) = 0 [pid 6191] exit_group(0) = ? [pid 6191] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6191, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1163", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1163", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1163/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1163/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1163/binderfs") = 0 umount2("./1163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1163/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1163/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1163/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1163") = 0 mkdir("./1164", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6192 attached , child_tidptr=0x5555568435d0) = 6192 [pid 6192] chdir("./1164") = 0 [pid 6192] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6192] setpgid(0, 0) = 0 [pid 6192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6192] write(3, "1000", 4) = 4 [ 140.690845][ T6191] loop0: detected capacity change from 0 to 4096 [ 140.699230][ T6191] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6192] close(3) = 0 [pid 6192] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6192] memfd_create("syzkaller", 0) = 3 [pid 6192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6192] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6192] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6192] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6192] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6192] close(3) = 0 [pid 6192] mkdir("./file0", 0777) = 0 [pid 6192] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6192] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6192] chdir("./file0") = 0 [pid 6192] ioctl(4, LOOP_CLR_FD) = 0 [pid 6192] close(4) = 0 [pid 6192] exit_group(0) = ? [pid 6192] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6192, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1164", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1164", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1164/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1164/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1164/binderfs") = 0 umount2("./1164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1164/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1164/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1164/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1164") = 0 mkdir("./1165", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6193 ./strace-static-x86_64: Process 6193 attached [pid 6193] chdir("./1165") = 0 [pid 6193] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6193] setpgid(0, 0) = 0 [pid 6193] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6193] write(3, "1000", 4) = 4 [pid 6193] close(3) = 0 [pid 6193] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6193] memfd_create("syzkaller", 0) = 3 [pid 6193] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 140.774637][ T6192] loop0: detected capacity change from 0 to 4096 [ 140.782803][ T6192] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6193] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6193] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6193] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6193] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6193] close(3) = 0 [pid 6193] mkdir("./file0", 0777) = 0 [pid 6193] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6193] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6193] chdir("./file0") = 0 [pid 6193] ioctl(4, LOOP_CLR_FD) = 0 [pid 6193] close(4) = 0 [pid 6193] exit_group(0) = ? [pid 6193] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6193, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1165", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1165", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1165/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1165/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1165/binderfs") = 0 umount2("./1165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1165/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1165/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1165/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1165") = 0 mkdir("./1166", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6194 ./strace-static-x86_64: Process 6194 attached [pid 6194] chdir("./1166") = 0 [pid 6194] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6194] setpgid(0, 0) = 0 [ 140.851387][ T6193] loop0: detected capacity change from 0 to 4096 [ 140.859768][ T6193] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6194] write(3, "1000", 4) = 4 [pid 6194] close(3) = 0 [pid 6194] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6194] memfd_create("syzkaller", 0) = 3 [pid 6194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6194] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6194] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6194] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6194] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6194] close(3) = 0 [pid 6194] mkdir("./file0", 0777) = 0 [pid 6194] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6194] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6194] chdir("./file0") = 0 [pid 6194] ioctl(4, LOOP_CLR_FD) = 0 [pid 6194] close(4) = 0 [pid 6194] exit_group(0) = ? [pid 6194] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6194, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1166", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1166", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1166/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1166/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1166/binderfs") = 0 umount2("./1166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1166/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1166/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1166/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1166") = 0 mkdir("./1167", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6195 ./strace-static-x86_64: Process 6195 attached [pid 6195] chdir("./1167") = 0 [pid 6195] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6195] setpgid(0, 0) = 0 [pid 6195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6195] write(3, "1000", 4) = 4 [pid 6195] close(3) = 0 [pid 6195] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6195] memfd_create("syzkaller", 0) = 3 [pid 6195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 140.933224][ T6194] loop0: detected capacity change from 0 to 4096 [ 140.941830][ T6194] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6195] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6195] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6195] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6195] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6195] close(3) = 0 [pid 6195] mkdir("./file0", 0777) = 0 [pid 6195] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6195] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6195] chdir("./file0") = 0 [pid 6195] ioctl(4, LOOP_CLR_FD) = 0 [pid 6195] close(4) = 0 [pid 6195] exit_group(0) = ? [pid 6195] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6195, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1167", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1167", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1167/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1167/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1167/binderfs") = 0 umount2("./1167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1167/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1167/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1167/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1167") = 0 mkdir("./1168", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6196 ./strace-static-x86_64: Process 6196 attached [pid 6196] chdir("./1168") = 0 [pid 6196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6196] setpgid(0, 0) = 0 [pid 6196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6196] write(3, "1000", 4) = 4 [pid 6196] close(3) = 0 [pid 6196] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6196] memfd_create("syzkaller", 0) = 3 [pid 6196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 141.008768][ T6195] loop0: detected capacity change from 0 to 4096 [ 141.017088][ T6195] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6196] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6196] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6196] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6196] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6196] close(3) = 0 [pid 6196] mkdir("./file0", 0777) = 0 [pid 6196] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6196] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6196] chdir("./file0") = 0 [pid 6196] ioctl(4, LOOP_CLR_FD) = 0 [pid 6196] close(4) = 0 [pid 6196] exit_group(0) = ? [pid 6196] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6196, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1168", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1168", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1168/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1168/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1168/binderfs") = 0 umount2("./1168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1168/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1168/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1168/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1168") = 0 mkdir("./1169", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6197 ./strace-static-x86_64: Process 6197 attached [pid 6197] chdir("./1169") = 0 [pid 6197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6197] setpgid(0, 0) = 0 [pid 6197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6197] write(3, "1000", 4) = 4 [ 141.085605][ T6196] loop0: detected capacity change from 0 to 4096 [ 141.094296][ T6196] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6197] close(3) = 0 [pid 6197] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6197] memfd_create("syzkaller", 0) = 3 [pid 6197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6197] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6197] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6197] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6197] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6197] close(3) = 0 [pid 6197] mkdir("./file0", 0777) = 0 [pid 6197] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6197] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6197] chdir("./file0") = 0 [pid 6197] ioctl(4, LOOP_CLR_FD) = 0 [pid 6197] close(4) = 0 [pid 6197] exit_group(0) = ? [pid 6197] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6197, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1169", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1169", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1169/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1169/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1169/binderfs") = 0 umount2("./1169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1169/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1169/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1169/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1169") = 0 mkdir("./1170", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6198 ./strace-static-x86_64: Process 6198 attached [pid 6198] chdir("./1170") = 0 [pid 6198] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6198] setpgid(0, 0) = 0 [pid 6198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6198] write(3, "1000", 4) = 4 [pid 6198] close(3) = 0 [pid 6198] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6198] memfd_create("syzkaller", 0) = 3 [pid 6198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 141.169989][ T6197] loop0: detected capacity change from 0 to 4096 [ 141.178425][ T6197] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6198] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6198] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6198] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6198] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6198] close(3) = 0 [pid 6198] mkdir("./file0", 0777) = 0 [pid 6198] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6198] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6198] chdir("./file0") = 0 [pid 6198] ioctl(4, LOOP_CLR_FD) = 0 [pid 6198] close(4) = 0 [pid 6198] exit_group(0) = ? [pid 6198] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6198, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1170", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1170", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1170/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1170/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1170/binderfs") = 0 umount2("./1170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1170/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1170/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1170/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1170") = 0 mkdir("./1171", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6199 ./strace-static-x86_64: Process 6199 attached [pid 6199] chdir("./1171") = 0 [pid 6199] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6199] setpgid(0, 0) = 0 [pid 6199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6199] write(3, "1000", 4) = 4 [pid 6199] close(3) = 0 [pid 6199] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6199] memfd_create("syzkaller", 0) = 3 [ 141.254735][ T6198] loop0: detected capacity change from 0 to 4096 [ 141.263312][ T6198] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6199] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6199] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6199] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6199] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6199] close(3) = 0 [pid 6199] mkdir("./file0", 0777) = 0 [pid 6199] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6199] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6199] chdir("./file0") = 0 [pid 6199] ioctl(4, LOOP_CLR_FD) = 0 [pid 6199] close(4) = 0 [pid 6199] exit_group(0) = ? [pid 6199] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6199, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1171", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1171", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1171/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1171/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1171/binderfs") = 0 umount2("./1171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1171/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1171/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1171/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1171") = 0 mkdir("./1172", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 141.337984][ T6199] loop0: detected capacity change from 0 to 4096 [ 141.346577][ T6199] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6200 ./strace-static-x86_64: Process 6200 attached [pid 6200] chdir("./1172") = 0 [pid 6200] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6200] setpgid(0, 0) = 0 [pid 6200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6200] write(3, "1000", 4) = 4 [pid 6200] close(3) = 0 [pid 6200] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6200] memfd_create("syzkaller", 0) = 3 [pid 6200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6200] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6200] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6200] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6200] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6200] close(3) = 0 [pid 6200] mkdir("./file0", 0777) = 0 [pid 6200] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6200] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6200] chdir("./file0") = 0 [pid 6200] ioctl(4, LOOP_CLR_FD) = 0 [pid 6200] close(4) = 0 [pid 6200] exit_group(0) = ? [pid 6200] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6200, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1172", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1172", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1172/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1172/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1172/binderfs") = 0 umount2("./1172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1172/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1172/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1172/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1172") = 0 mkdir("./1173", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6201 ./strace-static-x86_64: Process 6201 attached [pid 6201] chdir("./1173") = 0 [pid 6201] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6201] setpgid(0, 0) = 0 [pid 6201] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6201] write(3, "1000", 4) = 4 [pid 6201] close(3) = 0 [pid 6201] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6201] memfd_create("syzkaller", 0) = 3 [pid 6201] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 141.426657][ T6200] loop0: detected capacity change from 0 to 4096 [ 141.434930][ T6200] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6201] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6201] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6201] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6201] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6201] close(3) = 0 [pid 6201] mkdir("./file0", 0777) = 0 [pid 6201] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6201] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6201] chdir("./file0") = 0 [pid 6201] ioctl(4, LOOP_CLR_FD) = 0 [pid 6201] close(4) = 0 [pid 6201] exit_group(0) = ? [pid 6201] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6201, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1173", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1173", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1173/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1173/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1173/binderfs") = 0 umount2("./1173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1173/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1173/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1173/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1173") = 0 mkdir("./1174", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6202 ./strace-static-x86_64: Process 6202 attached [pid 6202] chdir("./1174") = 0 [pid 6202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6202] setpgid(0, 0) = 0 [pid 6202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6202] write(3, "1000", 4) = 4 [pid 6202] close(3) = 0 [pid 6202] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6202] memfd_create("syzkaller", 0) = 3 [pid 6202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 141.511198][ T6201] loop0: detected capacity change from 0 to 4096 [ 141.519399][ T6201] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6202] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6202] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6202] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6202] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6202] close(3) = 0 [pid 6202] mkdir("./file0", 0777) = 0 [pid 6202] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6202] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6202] chdir("./file0") = 0 [pid 6202] ioctl(4, LOOP_CLR_FD) = 0 [pid 6202] close(4) = 0 [pid 6202] exit_group(0) = ? [pid 6202] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6202, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1174", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1174", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1174/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1174/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1174/binderfs") = 0 umount2("./1174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1174/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1174/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1174/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1174") = 0 mkdir("./1175", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 141.590297][ T6202] loop0: detected capacity change from 0 to 4096 [ 141.598895][ T6202] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6203 attached [pid 6203] chdir("./1175") = 0 [pid 6203] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6203] setpgid(0, 0) = 0 [pid 6203] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6203] write(3, "1000", 4) = 4 [pid 6203] close(3) = 0 [pid 6203] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6203] memfd_create("syzkaller", 0) = 3 [pid 6203] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6203 [pid 6203] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6203] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6203] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6203] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6203] close(3) = 0 [pid 6203] mkdir("./file0", 0777) = 0 [pid 6203] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6203] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6203] chdir("./file0") = 0 [pid 6203] ioctl(4, LOOP_CLR_FD) = 0 [pid 6203] close(4) = 0 [pid 6203] exit_group(0) = ? [pid 6203] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6203, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1175", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1175", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1175/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1175/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1175/binderfs") = 0 umount2("./1175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1175/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1175/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1175/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1175") = 0 mkdir("./1176", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6204 ./strace-static-x86_64: Process 6204 attached [pid 6204] chdir("./1176") = 0 [pid 6204] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6204] setpgid(0, 0) = 0 [pid 6204] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6204] write(3, "1000", 4) = 4 [pid 6204] close(3) = 0 [pid 6204] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6204] memfd_create("syzkaller", 0) = 3 [pid 6204] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 141.674799][ T6203] loop0: detected capacity change from 0 to 4096 [ 141.683086][ T6203] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6204] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6204] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6204] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6204] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6204] close(3) = 0 [pid 6204] mkdir("./file0", 0777) = 0 [pid 6204] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6204] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6204] chdir("./file0") = 0 [pid 6204] ioctl(4, LOOP_CLR_FD) = 0 [pid 6204] close(4) = 0 [pid 6204] exit_group(0) = ? [pid 6204] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6204, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1176", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1176", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1176/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1176/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1176/binderfs") = 0 umount2("./1176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1176/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1176/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1176/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1176") = 0 mkdir("./1177", 0777) = 0 [ 141.750431][ T6204] loop0: detected capacity change from 0 to 4096 [ 141.759495][ T6204] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6205 ./strace-static-x86_64: Process 6205 attached [pid 6205] chdir("./1177") = 0 [pid 6205] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6205] setpgid(0, 0) = 0 [pid 6205] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6205] write(3, "1000", 4) = 4 [pid 6205] close(3) = 0 [pid 6205] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6205] memfd_create("syzkaller", 0) = 3 [pid 6205] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6205] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6205] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6205] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6205] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6205] close(3) = 0 [pid 6205] mkdir("./file0", 0777) = 0 [pid 6205] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6205] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6205] chdir("./file0") = 0 [pid 6205] ioctl(4, LOOP_CLR_FD) = 0 [pid 6205] close(4) = 0 [pid 6205] exit_group(0) = ? [pid 6205] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6205, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1177", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1177", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1177/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1177/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1177/binderfs") = 0 umount2("./1177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1177/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1177/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1177/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1177") = 0 mkdir("./1178", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6206 ./strace-static-x86_64: Process 6206 attached [pid 6206] chdir("./1178") = 0 [pid 6206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6206] setpgid(0, 0) = 0 [pid 6206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6206] write(3, "1000", 4) = 4 [pid 6206] close(3) = 0 [pid 6206] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6206] memfd_create("syzkaller", 0) = 3 [pid 6206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 141.851265][ T6205] loop0: detected capacity change from 0 to 4096 [ 141.859910][ T6205] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6206] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6206] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6206] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6206] close(3) = 0 [pid 6206] mkdir("./file0", 0777) = 0 [pid 6206] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6206] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6206] chdir("./file0") = 0 [pid 6206] ioctl(4, LOOP_CLR_FD) = 0 [pid 6206] close(4) = 0 [pid 6206] exit_group(0) = ? [pid 6206] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6206, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1178", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1178", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1178/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1178/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1178/binderfs") = 0 umount2("./1178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1178/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1178/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1178/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1178") = 0 mkdir("./1179", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6207 ./strace-static-x86_64: Process 6207 attached [pid 6207] chdir("./1179") = 0 [pid 6207] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6207] setpgid(0, 0) = 0 [pid 6207] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6207] write(3, "1000", 4) = 4 [pid 6207] close(3) = 0 [pid 6207] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6207] memfd_create("syzkaller", 0) = 3 [pid 6207] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 141.934301][ T6206] loop0: detected capacity change from 0 to 4096 [ 141.942466][ T6206] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6207] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6207] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6207] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6207] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6207] close(3) = 0 [pid 6207] mkdir("./file0", 0777) = 0 [pid 6207] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6207] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6207] chdir("./file0") = 0 [pid 6207] ioctl(4, LOOP_CLR_FD) = 0 [pid 6207] close(4) = 0 [pid 6207] exit_group(0) = ? [pid 6207] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6207, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1179", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1179", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1179/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1179/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1179/binderfs") = 0 umount2("./1179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1179/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1179/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1179/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1179") = 0 mkdir("./1180", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6208 ./strace-static-x86_64: Process 6208 attached [pid 6208] chdir("./1180") = 0 [pid 6208] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6208] setpgid(0, 0) = 0 [pid 6208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6208] write(3, "1000", 4) = 4 [pid 6208] close(3) = 0 [pid 6208] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6208] memfd_create("syzkaller", 0) = 3 [pid 6208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 142.012433][ T6207] loop0: detected capacity change from 0 to 4096 [ 142.020636][ T6207] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6208] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6208] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6208] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6208] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6208] close(3) = 0 [pid 6208] mkdir("./file0", 0777) = 0 [pid 6208] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6208] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6208] chdir("./file0") = 0 [pid 6208] ioctl(4, LOOP_CLR_FD) = 0 [pid 6208] close(4) = 0 [pid 6208] exit_group(0) = ? [pid 6208] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6208, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1180", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1180", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1180/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1180/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1180/binderfs") = 0 umount2("./1180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1180/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1180/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1180/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1180") = 0 mkdir("./1181", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6209 ./strace-static-x86_64: Process 6209 attached [ 142.088044][ T6208] loop0: detected capacity change from 0 to 4096 [ 142.096134][ T6208] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6209] chdir("./1181") = 0 [pid 6209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6209] setpgid(0, 0) = 0 [pid 6209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6209] write(3, "1000", 4) = 4 [pid 6209] close(3) = 0 [pid 6209] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6209] memfd_create("syzkaller", 0) = 3 [pid 6209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6209] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6209] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6209] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6209] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6209] close(3) = 0 [pid 6209] mkdir("./file0", 0777) = 0 [pid 6209] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6209] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6209] chdir("./file0") = 0 [pid 6209] ioctl(4, LOOP_CLR_FD) = 0 [pid 6209] close(4) = 0 [pid 6209] exit_group(0) = ? [pid 6209] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6209, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1181", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1181", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1181/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1181/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1181/binderfs") = 0 umount2("./1181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1181/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1181/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1181/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1181") = 0 mkdir("./1182", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6210 ./strace-static-x86_64: Process 6210 attached [pid 6210] chdir("./1182") = 0 [pid 6210] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6210] setpgid(0, 0) = 0 [pid 6210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6210] write(3, "1000", 4) = 4 [pid 6210] close(3) = 0 [pid 6210] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6210] memfd_create("syzkaller", 0) = 3 [pid 6210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 142.174631][ T6209] loop0: detected capacity change from 0 to 4096 [ 142.183028][ T6209] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6210] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6210] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6210] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6210] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6210] close(3) = 0 [pid 6210] mkdir("./file0", 0777) = 0 [pid 6210] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6210] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6210] chdir("./file0") = 0 [pid 6210] ioctl(4, LOOP_CLR_FD) = 0 [pid 6210] close(4) = 0 [pid 6210] exit_group(0) = ? [pid 6210] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6210, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1182", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1182", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1182/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1182/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1182/binderfs") = 0 umount2("./1182/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1182/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1182/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1182/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1182/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1182/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1182") = 0 mkdir("./1183", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6211 ./strace-static-x86_64: Process 6211 attached [pid 6211] chdir("./1183") = 0 [pid 6211] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6211] setpgid(0, 0) = 0 [pid 6211] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6211] write(3, "1000", 4) = 4 [pid 6211] close(3) = 0 [pid 6211] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6211] memfd_create("syzkaller", 0) = 3 [pid 6211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 142.251865][ T6210] loop0: detected capacity change from 0 to 4096 [ 142.260533][ T6210] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6211] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6211] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6211] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6211] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6211] close(3) = 0 [pid 6211] mkdir("./file0", 0777) = 0 [pid 6211] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6211] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6211] chdir("./file0") = 0 [pid 6211] ioctl(4, LOOP_CLR_FD) = 0 [pid 6211] close(4) = 0 [pid 6211] exit_group(0) = ? [pid 6211] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6211, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1183", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1183", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1183/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1183/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1183/binderfs") = 0 umount2("./1183/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1183/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1183/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1183/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1183/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1183/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1183") = 0 mkdir("./1184", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6212 ./strace-static-x86_64: Process 6212 attached [pid 6212] chdir("./1184") = 0 [pid 6212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6212] setpgid(0, 0) = 0 [pid 6212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6212] write(3, "1000", 4) = 4 [pid 6212] close(3) = 0 [pid 6212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6212] memfd_create("syzkaller", 0) = 3 [pid 6212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 142.325755][ T6211] loop0: detected capacity change from 0 to 4096 [ 142.334401][ T6211] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6212] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6212] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6212] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6212] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6212] close(3) = 0 [pid 6212] mkdir("./file0", 0777) = 0 [pid 6212] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6212] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6212] chdir("./file0") = 0 [pid 6212] ioctl(4, LOOP_CLR_FD) = 0 [pid 6212] close(4) = 0 [pid 6212] exit_group(0) = ? [pid 6212] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6212, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1184", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1184", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1184/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1184/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1184/binderfs") = 0 umount2("./1184/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1184/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1184/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1184/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1184/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1184/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1184") = 0 mkdir("./1185", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6213 ./strace-static-x86_64: Process 6213 attached [pid 6213] chdir("./1185") = 0 [pid 6213] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6213] setpgid(0, 0) = 0 [pid 6213] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 142.407156][ T6212] loop0: detected capacity change from 0 to 4096 [ 142.415341][ T6212] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6213] write(3, "1000", 4) = 4 [pid 6213] close(3) = 0 [pid 6213] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6213] memfd_create("syzkaller", 0) = 3 [pid 6213] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6213] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6213] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6213] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6213] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6213] close(3) = 0 [pid 6213] mkdir("./file0", 0777) = 0 [pid 6213] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6213] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6213] chdir("./file0") = 0 [pid 6213] ioctl(4, LOOP_CLR_FD) = 0 [pid 6213] close(4) = 0 [pid 6213] exit_group(0) = ? [pid 6213] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6213, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1185", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1185", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1185/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1185/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1185/binderfs") = 0 umount2("./1185/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1185/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1185/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1185/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1185/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1185/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1185") = 0 mkdir("./1186", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6214 ./strace-static-x86_64: Process 6214 attached [pid 6214] chdir("./1186") = 0 [pid 6214] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6214] setpgid(0, 0) = 0 [pid 6214] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6214] write(3, "1000", 4) = 4 [ 142.492692][ T6213] loop0: detected capacity change from 0 to 4096 [ 142.501089][ T6213] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6214] close(3) = 0 [pid 6214] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6214] memfd_create("syzkaller", 0) = 3 [pid 6214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6214] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6214] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6214] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6214] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6214] close(3) = 0 [pid 6214] mkdir("./file0", 0777) = 0 [pid 6214] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6214] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6214] chdir("./file0") = 0 [pid 6214] ioctl(4, LOOP_CLR_FD) = 0 [pid 6214] close(4) = 0 [pid 6214] exit_group(0) = ? [pid 6214] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6214, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1186", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1186", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1186/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1186/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1186/binderfs") = 0 umount2("./1186/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1186/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1186/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1186/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1186/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1186/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1186") = 0 mkdir("./1187", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6215 ./strace-static-x86_64: Process 6215 attached [pid 6215] chdir("./1187") = 0 [ 142.581452][ T6214] loop0: detected capacity change from 0 to 4096 [ 142.589915][ T6214] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6215] setpgid(0, 0) = 0 [pid 6215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6215] write(3, "1000", 4) = 4 [pid 6215] close(3) = 0 [pid 6215] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6215] memfd_create("syzkaller", 0) = 3 [pid 6215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6215] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6215] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6215] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6215] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6215] close(3) = 0 [pid 6215] mkdir("./file0", 0777) = 0 [pid 6215] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6215] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6215] chdir("./file0") = 0 [pid 6215] ioctl(4, LOOP_CLR_FD) = 0 [pid 6215] close(4) = 0 [pid 6215] exit_group(0) = ? [pid 6215] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6215, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1187", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1187", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1187/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1187/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1187/binderfs") = 0 umount2("./1187/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1187/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1187/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1187/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1187/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1187/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1187") = 0 mkdir("./1188", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 142.672629][ T6215] loop0: detected capacity change from 0 to 4096 [ 142.681144][ T6215] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6216 ./strace-static-x86_64: Process 6216 attached [pid 6216] chdir("./1188") = 0 [pid 6216] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6216] setpgid(0, 0) = 0 [pid 6216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6216] write(3, "1000", 4) = 4 [pid 6216] close(3) = 0 [pid 6216] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6216] memfd_create("syzkaller", 0) = 3 [pid 6216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6216] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6216] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6216] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6216] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6216] close(3) = 0 [pid 6216] mkdir("./file0", 0777) = 0 [pid 6216] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6216] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6216] chdir("./file0") = 0 [pid 6216] ioctl(4, LOOP_CLR_FD) = 0 [pid 6216] close(4) = 0 [pid 6216] exit_group(0) = ? [pid 6216] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6216, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1188", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1188", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1188/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1188/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1188/binderfs") = 0 umount2("./1188/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1188/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1188/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1188/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1188/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1188/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1188") = 0 mkdir("./1189", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6217 ./strace-static-x86_64: Process 6217 attached [pid 6217] chdir("./1189") = 0 [pid 6217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6217] setpgid(0, 0) = 0 [pid 6217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6217] write(3, "1000", 4) = 4 [ 142.757627][ T6216] loop0: detected capacity change from 0 to 4096 [ 142.765902][ T6216] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6217] close(3) = 0 [pid 6217] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6217] memfd_create("syzkaller", 0) = 3 [pid 6217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6217] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6217] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6217] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6217] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6217] close(3) = 0 [pid 6217] mkdir("./file0", 0777) = 0 [pid 6217] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6217] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6217] chdir("./file0") = 0 [pid 6217] ioctl(4, LOOP_CLR_FD) = 0 [pid 6217] close(4) = 0 [pid 6217] exit_group(0) = ? [pid 6217] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6217, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1189", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1189", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1189/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1189/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1189/binderfs") = 0 umount2("./1189/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1189/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1189/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1189/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1189/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1189/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1189") = 0 mkdir("./1190", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 142.839735][ T6217] loop0: detected capacity change from 0 to 4096 [ 142.847960][ T6217] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6218 ./strace-static-x86_64: Process 6218 attached [pid 6218] chdir("./1190") = 0 [pid 6218] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6218] setpgid(0, 0) = 0 [pid 6218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6218] write(3, "1000", 4) = 4 [pid 6218] close(3) = 0 [pid 6218] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6218] memfd_create("syzkaller", 0) = 3 [pid 6218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6218] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6218] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6218] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6218] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6218] close(3) = 0 [pid 6218] mkdir("./file0", 0777) = 0 [pid 6218] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6218] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6218] chdir("./file0") = 0 [pid 6218] ioctl(4, LOOP_CLR_FD) = 0 [pid 6218] close(4) = 0 [pid 6218] exit_group(0) = ? [pid 6218] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6218, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1190", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1190", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1190/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1190/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1190/binderfs") = 0 umount2("./1190/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1190/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1190/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1190/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1190/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1190/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1190") = 0 mkdir("./1191", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 142.932488][ T6218] loop0: detected capacity change from 0 to 4096 [ 142.940849][ T6218] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6219 ./strace-static-x86_64: Process 6219 attached [pid 6219] chdir("./1191") = 0 [pid 6219] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6219] setpgid(0, 0) = 0 [pid 6219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6219] write(3, "1000", 4) = 4 [pid 6219] close(3) = 0 [pid 6219] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6219] memfd_create("syzkaller", 0) = 3 [pid 6219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6219] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6219] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6219] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6219] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6219] close(3) = 0 [pid 6219] mkdir("./file0", 0777) = 0 [pid 6219] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6219] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6219] chdir("./file0") = 0 [pid 6219] ioctl(4, LOOP_CLR_FD) = 0 [pid 6219] close(4) = 0 [pid 6219] exit_group(0) = ? [pid 6219] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6219, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1191", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1191", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1191/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1191/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1191/binderfs") = 0 umount2("./1191/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1191/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1191/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1191/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1191/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1191/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1191") = 0 mkdir("./1192", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6220 ./strace-static-x86_64: Process 6220 attached [pid 6220] chdir("./1192") = 0 [ 143.024973][ T6219] loop0: detected capacity change from 0 to 4096 [ 143.033591][ T6219] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6220] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6220] setpgid(0, 0) = 0 [pid 6220] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6220] write(3, "1000", 4) = 4 [pid 6220] close(3) = 0 [pid 6220] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6220] memfd_create("syzkaller", 0) = 3 [pid 6220] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6220] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6220] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6220] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6220] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6220] close(3) = 0 [pid 6220] mkdir("./file0", 0777) = 0 [pid 6220] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6220] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6220] chdir("./file0") = 0 [pid 6220] ioctl(4, LOOP_CLR_FD) = 0 [pid 6220] close(4) = 0 [pid 6220] exit_group(0) = ? [pid 6220] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6220, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1192", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1192", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1192/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1192/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1192/binderfs") = 0 umount2("./1192/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1192/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1192/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1192/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1192/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1192/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1192") = 0 mkdir("./1193", 0777) = 0 [ 143.111858][ T6220] loop0: detected capacity change from 0 to 4096 [ 143.120333][ T6220] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6221 ./strace-static-x86_64: Process 6221 attached [pid 6221] chdir("./1193") = 0 [pid 6221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6221] setpgid(0, 0) = 0 [pid 6221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6221] write(3, "1000", 4) = 4 [pid 6221] close(3) = 0 [pid 6221] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6221] memfd_create("syzkaller", 0) = 3 [pid 6221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6221] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6221] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6221] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6221] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6221] close(3) = 0 [pid 6221] mkdir("./file0", 0777) = 0 [pid 6221] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6221] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6221] chdir("./file0") = 0 [pid 6221] ioctl(4, LOOP_CLR_FD) = 0 [pid 6221] close(4) = 0 [pid 6221] exit_group(0) = ? [pid 6221] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6221, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1193", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1193", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1193/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1193/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1193/binderfs") = 0 umount2("./1193/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1193/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1193/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1193/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1193/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1193/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1193") = 0 mkdir("./1194", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 143.201795][ T6221] loop0: detected capacity change from 0 to 4096 [ 143.210969][ T6221] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6222 ./strace-static-x86_64: Process 6222 attached [pid 6222] chdir("./1194") = 0 [pid 6222] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6222] setpgid(0, 0) = 0 [pid 6222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6222] write(3, "1000", 4) = 4 [pid 6222] close(3) = 0 [pid 6222] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6222] memfd_create("syzkaller", 0) = 3 [pid 6222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6222] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6222] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6222] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6222] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6222] close(3) = 0 [pid 6222] mkdir("./file0", 0777) = 0 [pid 6222] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6222] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6222] chdir("./file0") = 0 [pid 6222] ioctl(4, LOOP_CLR_FD) = 0 [pid 6222] close(4) = 0 [pid 6222] exit_group(0) = ? [pid 6222] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6222, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1194", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1194", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1194/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1194/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1194/binderfs") = 0 umount2("./1194/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1194/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1194/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1194/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1194/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1194/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1194") = 0 mkdir("./1195", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6223 ./strace-static-x86_64: Process 6223 attached [pid 6223] chdir("./1195") = 0 [pid 6223] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6223] setpgid(0, 0) = 0 [pid 6223] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6223] write(3, "1000", 4) = 4 [pid 6223] close(3) = 0 [pid 6223] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6223] memfd_create("syzkaller", 0) = 3 [pid 6223] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 143.290502][ T6222] loop0: detected capacity change from 0 to 4096 [ 143.299620][ T6222] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6223] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6223] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6223] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6223] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6223] close(3) = 0 [pid 6223] mkdir("./file0", 0777) = 0 [pid 6223] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6223] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6223] chdir("./file0") = 0 [pid 6223] ioctl(4, LOOP_CLR_FD) = 0 [pid 6223] close(4) = 0 [pid 6223] exit_group(0) = ? [pid 6223] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6223, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1195", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1195", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1195/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1195/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1195/binderfs") = 0 umount2("./1195/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1195/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1195/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1195/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1195/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1195/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1195") = 0 mkdir("./1196", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6224 ./strace-static-x86_64: Process 6224 attached [pid 6224] chdir("./1196") = 0 [pid 6224] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6224] setpgid(0, 0) = 0 [pid 6224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6224] write(3, "1000", 4) = 4 [pid 6224] close(3) = 0 [pid 6224] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6224] memfd_create("syzkaller", 0) = 3 [pid 6224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 143.374516][ T6223] loop0: detected capacity change from 0 to 4096 [ 143.383860][ T6223] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6224] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6224] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6224] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6224] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6224] close(3) = 0 [pid 6224] mkdir("./file0", 0777) = 0 [pid 6224] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6224] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6224] chdir("./file0") = 0 [pid 6224] ioctl(4, LOOP_CLR_FD) = 0 [pid 6224] close(4) = 0 [pid 6224] exit_group(0) = ? [pid 6224] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6224, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1196", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1196", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1196/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1196/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1196/binderfs") = 0 umount2("./1196/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1196/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1196/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1196/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1196/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1196/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1196") = 0 mkdir("./1197", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6225 ./strace-static-x86_64: Process 6225 attached [pid 6225] chdir("./1197") = 0 [pid 6225] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6225] setpgid(0, 0) = 0 [pid 6225] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6225] write(3, "1000", 4) = 4 [pid 6225] close(3) = 0 [pid 6225] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6225] memfd_create("syzkaller", 0) = 3 [pid 6225] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 143.456749][ T6224] loop0: detected capacity change from 0 to 4096 [ 143.464997][ T6224] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6225] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6225] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6225] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6225] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6225] close(3) = 0 [pid 6225] mkdir("./file0", 0777) = 0 [pid 6225] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6225] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6225] chdir("./file0") = 0 [pid 6225] ioctl(4, LOOP_CLR_FD) = 0 [pid 6225] close(4) = 0 [pid 6225] exit_group(0) = ? [pid 6225] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6225, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1197", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1197", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1197/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1197/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1197/binderfs") = 0 umount2("./1197/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1197/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1197/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1197/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1197/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1197/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1197") = 0 mkdir("./1198", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6226 attached , child_tidptr=0x5555568435d0) = 6226 [pid 6226] chdir("./1198") = 0 [pid 6226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6226] setpgid(0, 0) = 0 [pid 6226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6226] write(3, "1000", 4) = 4 [pid 6226] close(3) = 0 [pid 6226] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6226] memfd_create("syzkaller", 0) = 3 [pid 6226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 143.537161][ T6225] loop0: detected capacity change from 0 to 4096 [ 143.545679][ T6225] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6226] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6226] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6226] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6226] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6226] close(3) = 0 [pid 6226] mkdir("./file0", 0777) = 0 [pid 6226] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6226] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6226] chdir("./file0") = 0 [pid 6226] ioctl(4, LOOP_CLR_FD) = 0 [pid 6226] close(4) = 0 [pid 6226] exit_group(0) = ? [pid 6226] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6226, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1198", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1198", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1198/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1198/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1198/binderfs") = 0 umount2("./1198/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1198/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1198/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1198/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1198/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1198/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1198") = 0 mkdir("./1199", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6227 ./strace-static-x86_64: Process 6227 attached [pid 6227] chdir("./1199") = 0 [pid 6227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6227] setpgid(0, 0) = 0 [pid 6227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6227] write(3, "1000", 4) = 4 [pid 6227] close(3) = 0 [pid 6227] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6227] memfd_create("syzkaller", 0) = 3 [pid 6227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 143.617055][ T6226] loop0: detected capacity change from 0 to 4096 [ 143.624991][ T6226] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6227] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6227] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6227] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6227] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6227] close(3) = 0 [pid 6227] mkdir("./file0", 0777) = 0 [pid 6227] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6227] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6227] chdir("./file0") = 0 [pid 6227] ioctl(4, LOOP_CLR_FD) = 0 [pid 6227] close(4) = 0 [pid 6227] exit_group(0) = ? [pid 6227] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6227, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1199", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1199", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1199/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1199/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1199/binderfs") = 0 umount2("./1199/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1199/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1199/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1199/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1199/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1199/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1199") = 0 mkdir("./1200", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6228 ./strace-static-x86_64: Process 6228 attached [pid 6228] chdir("./1200") = 0 [pid 6228] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6228] setpgid(0, 0) = 0 [pid 6228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6228] write(3, "1000", 4) = 4 [pid 6228] close(3) = 0 [pid 6228] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6228] memfd_create("syzkaller", 0) = 3 [pid 6228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 143.700754][ T6227] loop0: detected capacity change from 0 to 4096 [ 143.709237][ T6227] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6228] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6228] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6228] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6228] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6228] close(3) = 0 [pid 6228] mkdir("./file0", 0777) = 0 [pid 6228] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6228] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6228] chdir("./file0") = 0 [pid 6228] ioctl(4, LOOP_CLR_FD) = 0 [pid 6228] close(4) = 0 [pid 6228] exit_group(0) = ? [pid 6228] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6228, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1200", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1200", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1200/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1200/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1200/binderfs") = 0 umount2("./1200/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1200/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1200/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1200/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1200/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1200/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1200") = 0 mkdir("./1201", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6229 ./strace-static-x86_64: Process 6229 attached [pid 6229] chdir("./1201") = 0 [pid 6229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6229] setpgid(0, 0) = 0 [pid 6229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6229] write(3, "1000", 4) = 4 [pid 6229] close(3) = 0 [ 143.783901][ T6228] loop0: detected capacity change from 0 to 4096 [ 143.792766][ T6228] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6229] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6229] memfd_create("syzkaller", 0) = 3 [pid 6229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6229] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6229] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6229] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6229] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6229] close(3) = 0 [pid 6229] mkdir("./file0", 0777) = 0 [pid 6229] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6229] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6229] chdir("./file0") = 0 [pid 6229] ioctl(4, LOOP_CLR_FD) = 0 [pid 6229] close(4) = 0 [pid 6229] exit_group(0) = ? [pid 6229] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6229, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1201", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1201", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1201/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1201/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1201/binderfs") = 0 umount2("./1201/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1201/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1201/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1201/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1201/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1201/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1201") = 0 mkdir("./1202", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 143.865686][ T6229] loop0: detected capacity change from 0 to 4096 [ 143.874720][ T6229] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6230 ./strace-static-x86_64: Process 6230 attached [pid 6230] chdir("./1202") = 0 [pid 6230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6230] setpgid(0, 0) = 0 [pid 6230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6230] write(3, "1000", 4) = 4 [pid 6230] close(3) = 0 [pid 6230] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6230] memfd_create("syzkaller", 0) = 3 [pid 6230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6230] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6230] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6230] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6230] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6230] close(3) = 0 [pid 6230] mkdir("./file0", 0777) = 0 [pid 6230] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6230] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6230] chdir("./file0") = 0 [pid 6230] ioctl(4, LOOP_CLR_FD) = 0 [pid 6230] close(4) = 0 [pid 6230] exit_group(0) = ? [pid 6230] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6230, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1202", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1202", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1202/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1202/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1202/binderfs") = 0 umount2("./1202/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1202/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1202/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1202/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1202/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1202/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1202") = 0 mkdir("./1203", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6231 ./strace-static-x86_64: Process 6231 attached [pid 6231] chdir("./1203") = 0 [pid 6231] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6231] setpgid(0, 0) = 0 [pid 6231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6231] write(3, "1000", 4) = 4 [pid 6231] close(3) = 0 [pid 6231] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6231] memfd_create("syzkaller", 0) = 3 [pid 6231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 143.955095][ T6230] loop0: detected capacity change from 0 to 4096 [ 143.963928][ T6230] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6231] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6231] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6231] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6231] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6231] close(3) = 0 [pid 6231] mkdir("./file0", 0777) = 0 [pid 6231] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6231] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6231] chdir("./file0") = 0 [pid 6231] ioctl(4, LOOP_CLR_FD) = 0 [pid 6231] close(4) = 0 [pid 6231] exit_group(0) = ? [pid 6231] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6231, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1203", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1203", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1203/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1203/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1203/binderfs") = 0 umount2("./1203/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1203/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1203/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1203/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1203/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1203/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1203") = 0 mkdir("./1204", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6232 ./strace-static-x86_64: Process 6232 attached [pid 6232] chdir("./1204") = 0 [pid 6232] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6232] setpgid(0, 0) = 0 [pid 6232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6232] write(3, "1000", 4) = 4 [pid 6232] close(3) = 0 [pid 6232] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6232] memfd_create("syzkaller", 0) = 3 [pid 6232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 144.028739][ T6231] loop0: detected capacity change from 0 to 4096 [ 144.037608][ T6231] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6232] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6232] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6232] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6232] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6232] close(3) = 0 [pid 6232] mkdir("./file0", 0777) = 0 [pid 6232] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6232] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6232] chdir("./file0") = 0 [pid 6232] ioctl(4, LOOP_CLR_FD) = 0 [pid 6232] close(4) = 0 [pid 6232] exit_group(0) = ? [pid 6232] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6232, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1204", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1204", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1204/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1204/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1204/binderfs") = 0 umount2("./1204/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1204/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1204/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1204/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1204/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1204/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1204") = 0 mkdir("./1205", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6233 ./strace-static-x86_64: Process 6233 attached [pid 6233] chdir("./1205") = 0 [pid 6233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6233] setpgid(0, 0) = 0 [pid 6233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6233] write(3, "1000", 4) = 4 [pid 6233] close(3) = 0 [pid 6233] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6233] memfd_create("syzkaller", 0) = 3 [pid 6233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 144.106869][ T6232] loop0: detected capacity change from 0 to 4096 [ 144.115150][ T6232] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6233] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6233] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6233] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6233] close(3) = 0 [pid 6233] mkdir("./file0", 0777) = 0 [pid 6233] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6233] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6233] chdir("./file0") = 0 [pid 6233] ioctl(4, LOOP_CLR_FD) = 0 [pid 6233] close(4) = 0 [pid 6233] exit_group(0) = ? [pid 6233] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6233, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1205", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1205", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1205/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1205/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1205/binderfs") = 0 umount2("./1205/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1205/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1205/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1205/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1205/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1205/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1205") = 0 mkdir("./1206", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6234 ./strace-static-x86_64: Process 6234 attached [pid 6234] chdir("./1206") = 0 [pid 6234] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6234] setpgid(0, 0) = 0 [pid 6234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6234] write(3, "1000", 4) = 4 [pid 6234] close(3) = 0 [pid 6234] symlink("/dev/binderfs", "./binderfs") = 0 [ 144.195196][ T6233] loop0: detected capacity change from 0 to 4096 [ 144.204314][ T6233] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6234] memfd_create("syzkaller", 0) = 3 [pid 6234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6234] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6234] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6234] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6234] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6234] close(3) = 0 [pid 6234] mkdir("./file0", 0777) = 0 [pid 6234] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6234] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6234] chdir("./file0") = 0 [pid 6234] ioctl(4, LOOP_CLR_FD) = 0 [pid 6234] close(4) = 0 [pid 6234] exit_group(0) = ? [pid 6234] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6234, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1206", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1206", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1206/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1206/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1206/binderfs") = 0 umount2("./1206/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1206/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1206/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1206/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1206/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1206/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1206") = 0 mkdir("./1207", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6235 ./strace-static-x86_64: Process 6235 attached [pid 6235] chdir("./1207") = 0 [pid 6235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6235] setpgid(0, 0) = 0 [pid 6235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6235] write(3, "1000", 4) = 4 [pid 6235] close(3) = 0 [ 144.279493][ T6234] loop0: detected capacity change from 0 to 4096 [ 144.288273][ T6234] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6235] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6235] memfd_create("syzkaller", 0) = 3 [pid 6235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6235] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6235] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6235] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6235] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6235] close(3) = 0 [pid 6235] mkdir("./file0", 0777) = 0 [pid 6235] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6235] chdir("./file0") = 0 [pid 6235] ioctl(4, LOOP_CLR_FD) = 0 [pid 6235] close(4) = 0 [pid 6235] exit_group(0) = ? [pid 6235] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6235, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1207", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1207", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1207/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1207/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1207/binderfs") = 0 umount2("./1207/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1207/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1207/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1207/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1207/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1207/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1207") = 0 mkdir("./1208", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6236 attached , child_tidptr=0x5555568435d0) = 6236 [pid 6236] chdir("./1208") = 0 [pid 6236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 144.359864][ T6235] loop0: detected capacity change from 0 to 4096 [ 144.369166][ T6235] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6236] setpgid(0, 0) = 0 [pid 6236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6236] write(3, "1000", 4) = 4 [pid 6236] close(3) = 0 [pid 6236] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6236] memfd_create("syzkaller", 0) = 3 [pid 6236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6236] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6236] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6236] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6236] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6236] close(3) = 0 [pid 6236] mkdir("./file0", 0777) = 0 [pid 6236] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6236] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6236] chdir("./file0") = 0 [pid 6236] ioctl(4, LOOP_CLR_FD) = 0 [pid 6236] close(4) = 0 [pid 6236] exit_group(0) = ? [pid 6236] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6236, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1208", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1208", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1208/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1208/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1208/binderfs") = 0 umount2("./1208/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1208/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1208/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1208/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1208/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1208/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1208") = 0 mkdir("./1209", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6237 attached , child_tidptr=0x5555568435d0) = 6237 [pid 6237] chdir("./1209") = 0 [pid 6237] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6237] setpgid(0, 0) = 0 [pid 6237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6237] write(3, "1000", 4) = 4 [pid 6237] close(3) = 0 [pid 6237] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6237] memfd_create("syzkaller", 0) = 3 [pid 6237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 144.445258][ T6236] loop0: detected capacity change from 0 to 4096 [ 144.453830][ T6236] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6237] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6237] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6237] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6237] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6237] close(3) = 0 [pid 6237] mkdir("./file0", 0777) = 0 [pid 6237] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6237] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6237] chdir("./file0") = 0 [pid 6237] ioctl(4, LOOP_CLR_FD) = 0 [pid 6237] close(4) = 0 [pid 6237] exit_group(0) = ? [pid 6237] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6237, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1209", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1209", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1209/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1209/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1209/binderfs") = 0 umount2("./1209/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1209/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1209/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1209/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1209/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1209/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1209") = 0 mkdir("./1210", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 144.527937][ T6237] loop0: detected capacity change from 0 to 4096 [ 144.536728][ T6237] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6238 ./strace-static-x86_64: Process 6238 attached [pid 6238] chdir("./1210") = 0 [pid 6238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6238] setpgid(0, 0) = 0 [pid 6238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6238] write(3, "1000", 4) = 4 [pid 6238] close(3) = 0 [pid 6238] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6238] memfd_create("syzkaller", 0) = 3 [pid 6238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6238] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6238] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6238] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6238] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6238] close(3) = 0 [pid 6238] mkdir("./file0", 0777) = 0 [pid 6238] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6238] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6238] chdir("./file0") = 0 [pid 6238] ioctl(4, LOOP_CLR_FD) = 0 [pid 6238] close(4) = 0 [pid 6238] exit_group(0) = ? [pid 6238] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6238, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1210", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1210", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1210/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1210/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1210/binderfs") = 0 umount2("./1210/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1210/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1210/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1210/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1210/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1210/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1210") = 0 mkdir("./1211", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6239 ./strace-static-x86_64: Process 6239 attached [pid 6239] chdir("./1211") = 0 [pid 6239] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6239] setpgid(0, 0) = 0 [pid 6239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6239] write(3, "1000", 4) = 4 [pid 6239] close(3) = 0 [pid 6239] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6239] memfd_create("syzkaller", 0) = 3 [pid 6239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 144.614512][ T6238] loop0: detected capacity change from 0 to 4096 [ 144.623572][ T6238] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6239] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6239] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6239] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6239] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6239] close(3) = 0 [pid 6239] mkdir("./file0", 0777) = 0 [pid 6239] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6239] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6239] chdir("./file0") = 0 [pid 6239] ioctl(4, LOOP_CLR_FD) = 0 [pid 6239] close(4) = 0 [pid 6239] exit_group(0) = ? [pid 6239] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6239, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1211", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1211", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1211/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1211/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1211/binderfs") = 0 umount2("./1211/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1211/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1211/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1211/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1211/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1211/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1211") = 0 mkdir("./1212", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6240 ./strace-static-x86_64: Process 6240 attached [pid 6240] chdir("./1212") = 0 [pid 6240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6240] setpgid(0, 0) = 0 [pid 6240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6240] write(3, "1000", 4) = 4 [pid 6240] close(3) = 0 [pid 6240] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6240] memfd_create("syzkaller", 0) = 3 [pid 6240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 144.699974][ T6239] loop0: detected capacity change from 0 to 4096 [ 144.708854][ T6239] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6240] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6240] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6240] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6240] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6240] close(3) = 0 [pid 6240] mkdir("./file0", 0777) = 0 [pid 6240] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6240] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6240] chdir("./file0") = 0 [pid 6240] ioctl(4, LOOP_CLR_FD) = 0 [pid 6240] close(4) = 0 [pid 6240] exit_group(0) = ? [pid 6240] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6240, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1212", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1212", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1212/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1212/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1212/binderfs") = 0 umount2("./1212/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1212/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1212/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1212/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1212/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1212/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1212") = 0 mkdir("./1213", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 144.783725][ T6240] loop0: detected capacity change from 0 to 4096 [ 144.792719][ T6240] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6241 ./strace-static-x86_64: Process 6241 attached [pid 6241] chdir("./1213") = 0 [pid 6241] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6241] setpgid(0, 0) = 0 [pid 6241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6241] write(3, "1000", 4) = 4 [pid 6241] close(3) = 0 [pid 6241] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6241] memfd_create("syzkaller", 0) = 3 [pid 6241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6241] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6241] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6241] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6241] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6241] close(3) = 0 [pid 6241] mkdir("./file0", 0777) = 0 [pid 6241] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6241] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6241] chdir("./file0") = 0 [pid 6241] ioctl(4, LOOP_CLR_FD) = 0 [pid 6241] close(4) = 0 [pid 6241] exit_group(0) = ? [pid 6241] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6241, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1213", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1213", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1213/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1213/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1213/binderfs") = 0 umount2("./1213/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1213/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1213/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1213/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1213/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1213/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1213") = 0 mkdir("./1214", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 144.931341][ T6241] loop0: detected capacity change from 0 to 4096 [ 144.940544][ T6241] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6242 ./strace-static-x86_64: Process 6242 attached [pid 6242] chdir("./1214") = 0 [pid 6242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6242] setpgid(0, 0) = 0 [pid 6242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6242] write(3, "1000", 4) = 4 [pid 6242] close(3) = 0 [pid 6242] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6242] memfd_create("syzkaller", 0) = 3 [pid 6242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6242] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6242] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6242] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6242] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6242] close(3) = 0 [pid 6242] mkdir("./file0", 0777) = 0 [pid 6242] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6242] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6242] chdir("./file0") = 0 [pid 6242] ioctl(4, LOOP_CLR_FD) = 0 [pid 6242] close(4) = 0 [pid 6242] exit_group(0) = ? [pid 6242] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6242, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1214", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1214", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1214/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1214/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1214/binderfs") = 0 umount2("./1214/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1214/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1214/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1214/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1214/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1214/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1214") = 0 mkdir("./1215", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6243 ./strace-static-x86_64: Process 6243 attached [pid 6243] chdir("./1215") = 0 [pid 6243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6243] setpgid(0, 0) = 0 [pid 6243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6243] write(3, "1000", 4) = 4 [pid 6243] close(3) = 0 [pid 6243] symlink("/dev/binderfs", "./binderfs") = 0 [ 145.020983][ T6242] loop0: detected capacity change from 0 to 4096 [ 145.029850][ T6242] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6243] memfd_create("syzkaller", 0) = 3 [pid 6243] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6243] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6243] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6243] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6243] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6243] close(3) = 0 [pid 6243] mkdir("./file0", 0777) = 0 [pid 6243] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6243] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6243] chdir("./file0") = 0 [pid 6243] ioctl(4, LOOP_CLR_FD) = 0 [pid 6243] close(4) = 0 [pid 6243] exit_group(0) = ? [pid 6243] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6243, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1215", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1215", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1215/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1215/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1215/binderfs") = 0 umount2("./1215/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1215/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1215/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1215/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1215/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1215/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1215") = 0 mkdir("./1216", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 145.100992][ T6243] loop0: detected capacity change from 0 to 4096 [ 145.109693][ T6243] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6244 ./strace-static-x86_64: Process 6244 attached [pid 6244] chdir("./1216") = 0 [pid 6244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6244] setpgid(0, 0) = 0 [pid 6244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6244] write(3, "1000", 4) = 4 [pid 6244] close(3) = 0 [pid 6244] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6244] memfd_create("syzkaller", 0) = 3 [pid 6244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6244] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6244] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6244] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6244] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6244] close(3) = 0 [pid 6244] mkdir("./file0", 0777) = 0 [pid 6244] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6244] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6244] chdir("./file0") = 0 [pid 6244] ioctl(4, LOOP_CLR_FD) = 0 [pid 6244] close(4) = 0 [pid 6244] exit_group(0) = ? [pid 6244] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6244, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1216", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1216", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1216/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1216/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1216/binderfs") = 0 umount2("./1216/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1216/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1216/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1216/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1216/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1216/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1216") = 0 mkdir("./1217", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6245 ./strace-static-x86_64: Process 6245 attached [pid 6245] chdir("./1217") = 0 [pid 6245] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6245] setpgid(0, 0) = 0 [pid 6245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6245] write(3, "1000", 4) = 4 [pid 6245] close(3) = 0 [pid 6245] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6245] memfd_create("syzkaller", 0) = 3 [pid 6245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 145.190684][ T6244] loop0: detected capacity change from 0 to 4096 [ 145.199041][ T6244] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6245] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6245] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6245] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6245] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6245] close(3) = 0 [pid 6245] mkdir("./file0", 0777) = 0 [pid 6245] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6245] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6245] chdir("./file0") = 0 [pid 6245] ioctl(4, LOOP_CLR_FD) = 0 [pid 6245] close(4) = 0 [pid 6245] exit_group(0) = ? [pid 6245] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6245, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1217", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1217", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1217/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1217/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1217/binderfs") = 0 umount2("./1217/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1217/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1217/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1217/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1217/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1217/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1217") = 0 mkdir("./1218", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6246 attached , child_tidptr=0x5555568435d0) = 6246 [pid 6246] chdir("./1218") = 0 [ 145.273432][ T6245] loop0: detected capacity change from 0 to 4096 [ 145.282288][ T6245] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6246] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6246] setpgid(0, 0) = 0 [pid 6246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6246] write(3, "1000", 4) = 4 [pid 6246] close(3) = 0 [pid 6246] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6246] memfd_create("syzkaller", 0) = 3 [pid 6246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6246] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6246] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6246] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6246] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6246] close(3) = 0 [pid 6246] mkdir("./file0", 0777) = 0 [pid 6246] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6246] chdir("./file0") = 0 [pid 6246] ioctl(4, LOOP_CLR_FD) = 0 [pid 6246] close(4) = 0 [pid 6246] exit_group(0) = ? [pid 6246] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6246, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1218", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1218", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1218/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1218/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1218/binderfs") = 0 umount2("./1218/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1218/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1218/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1218/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1218/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1218/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1218") = 0 mkdir("./1219", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 145.359114][ T6246] loop0: detected capacity change from 0 to 4096 [ 145.367695][ T6246] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6247 ./strace-static-x86_64: Process 6247 attached [pid 6247] chdir("./1219") = 0 [pid 6247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6247] setpgid(0, 0) = 0 [pid 6247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6247] write(3, "1000", 4) = 4 [pid 6247] close(3) = 0 [pid 6247] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6247] memfd_create("syzkaller", 0) = 3 [pid 6247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6247] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6247] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6247] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6247] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6247] close(3) = 0 [pid 6247] mkdir("./file0", 0777) = 0 [pid 6247] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6247] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6247] chdir("./file0") = 0 [pid 6247] ioctl(4, LOOP_CLR_FD) = 0 [pid 6247] close(4) = 0 [pid 6247] exit_group(0) = ? [pid 6247] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6247, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1219", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1219", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1219/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1219/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1219/binderfs") = 0 umount2("./1219/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1219/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1219/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1219/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1219/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1219/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1219") = 0 mkdir("./1220", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6248 ./strace-static-x86_64: Process 6248 attached [pid 6248] chdir("./1220") = 0 [pid 6248] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6248] setpgid(0, 0) = 0 [pid 6248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6248] write(3, "1000", 4) = 4 [pid 6248] close(3) = 0 [pid 6248] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6248] memfd_create("syzkaller", 0) = 3 [ 145.442664][ T6247] loop0: detected capacity change from 0 to 4096 [ 145.450855][ T6247] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6248] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6248] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6248] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6248] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6248] close(3) = 0 [pid 6248] mkdir("./file0", 0777) = 0 [pid 6248] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6248] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6248] chdir("./file0") = 0 [pid 6248] ioctl(4, LOOP_CLR_FD) = 0 [pid 6248] close(4) = 0 [pid 6248] exit_group(0) = ? [pid 6248] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6248, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1220", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1220", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1220/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1220/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1220/binderfs") = 0 umount2("./1220/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1220/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1220/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1220/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1220/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1220/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1220") = 0 mkdir("./1221", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6249 ./strace-static-x86_64: Process 6249 attached [pid 6249] chdir("./1221") = 0 [pid 6249] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6249] setpgid(0, 0) = 0 [pid 6249] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6249] write(3, "1000", 4) = 4 [pid 6249] close(3) = 0 [pid 6249] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6249] memfd_create("syzkaller", 0) = 3 [pid 6249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 145.527420][ T6248] loop0: detected capacity change from 0 to 4096 [ 145.535508][ T6248] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6249] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6249] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6249] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6249] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6249] close(3) = 0 [pid 6249] mkdir("./file0", 0777) = 0 [pid 6249] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6249] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6249] chdir("./file0") = 0 [pid 6249] ioctl(4, LOOP_CLR_FD) = 0 [pid 6249] close(4) = 0 [pid 6249] exit_group(0) = ? [pid 6249] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6249, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1221", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1221", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1221/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1221/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1221/binderfs") = 0 umount2("./1221/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1221/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1221/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1221/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1221/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1221/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1221") = 0 mkdir("./1222", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6250 ./strace-static-x86_64: Process 6250 attached [pid 6250] chdir("./1222") = 0 [pid 6250] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6250] setpgid(0, 0) = 0 [pid 6250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6250] write(3, "1000", 4) = 4 [pid 6250] close(3) = 0 [pid 6250] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6250] memfd_create("syzkaller", 0) = 3 [pid 6250] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 145.614668][ T6249] loop0: detected capacity change from 0 to 4096 [ 145.623199][ T6249] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6250] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6250] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6250] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6250] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6250] close(3) = 0 [pid 6250] mkdir("./file0", 0777) = 0 [pid 6250] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6250] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6250] chdir("./file0") = 0 [pid 6250] ioctl(4, LOOP_CLR_FD) = 0 [pid 6250] close(4) = 0 [pid 6250] exit_group(0) = ? [pid 6250] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6250, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1222", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1222", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1222/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1222/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1222/binderfs") = 0 umount2("./1222/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1222/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1222/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1222/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1222/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1222/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1222") = 0 mkdir("./1223", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 145.691668][ T6250] loop0: detected capacity change from 0 to 4096 [ 145.700049][ T6250] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6251 attached , child_tidptr=0x5555568435d0) = 6251 [pid 6251] chdir("./1223") = 0 [pid 6251] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6251] setpgid(0, 0) = 0 [pid 6251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6251] write(3, "1000", 4) = 4 [pid 6251] close(3) = 0 [pid 6251] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6251] memfd_create("syzkaller", 0) = 3 [pid 6251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6251] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6251] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6251] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6251] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6251] close(3) = 0 [pid 6251] mkdir("./file0", 0777) = 0 [pid 6251] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6251] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6251] chdir("./file0") = 0 [pid 6251] ioctl(4, LOOP_CLR_FD) = 0 [pid 6251] close(4) = 0 [pid 6251] exit_group(0) = ? [pid 6251] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6251, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1223", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1223", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1223/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1223/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1223/binderfs") = 0 umount2("./1223/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1223/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1223/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1223/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1223/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1223/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1223") = 0 mkdir("./1224", 0777) = 0 [ 145.779447][ T6251] loop0: detected capacity change from 0 to 4096 [ 145.788101][ T6251] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6252 attached , child_tidptr=0x5555568435d0) = 6252 [pid 6252] chdir("./1224") = 0 [pid 6252] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6252] setpgid(0, 0) = 0 [pid 6252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6252] write(3, "1000", 4) = 4 [pid 6252] close(3) = 0 [pid 6252] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6252] memfd_create("syzkaller", 0) = 3 [pid 6252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6252] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6252] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6252] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6252] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6252] close(3) = 0 [pid 6252] mkdir("./file0", 0777) = 0 [pid 6252] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6252] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6252] chdir("./file0") = 0 [pid 6252] ioctl(4, LOOP_CLR_FD) = 0 [pid 6252] close(4) = 0 [pid 6252] exit_group(0) = ? [pid 6252] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6252, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1224", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1224", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1224/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1224/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1224/binderfs") = 0 umount2("./1224/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1224/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1224/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1224/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1224/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1224/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1224") = 0 mkdir("./1225", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 145.873047][ T6252] loop0: detected capacity change from 0 to 4096 [ 145.881428][ T6252] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6253 ./strace-static-x86_64: Process 6253 attached [pid 6253] chdir("./1225") = 0 [pid 6253] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6253] setpgid(0, 0) = 0 [pid 6253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6253] write(3, "1000", 4) = 4 [pid 6253] close(3) = 0 [pid 6253] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6253] memfd_create("syzkaller", 0) = 3 [pid 6253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6253] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6253] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6253] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6253] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6253] close(3) = 0 [pid 6253] mkdir("./file0", 0777) = 0 [pid 6253] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6253] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6253] chdir("./file0") = 0 [pid 6253] ioctl(4, LOOP_CLR_FD) = 0 [pid 6253] close(4) = 0 [pid 6253] exit_group(0) = ? [pid 6253] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6253, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1225", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1225/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1225/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1225/binderfs") = 0 umount2("./1225/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1225/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1225/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1225/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1225/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1225/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1225") = 0 mkdir("./1226", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6254 ./strace-static-x86_64: Process 6254 attached [pid 6254] chdir("./1226") = 0 [pid 6254] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6254] setpgid(0, 0) = 0 [pid 6254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6254] write(3, "1000", 4) = 4 [pid 6254] close(3) = 0 [pid 6254] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6254] memfd_create("syzkaller", 0) = 3 [pid 6254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 145.959352][ T6253] loop0: detected capacity change from 0 to 4096 [ 145.967673][ T6253] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6254] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6254] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6254] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6254] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6254] close(3) = 0 [pid 6254] mkdir("./file0", 0777) = 0 [pid 6254] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6254] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6254] chdir("./file0") = 0 [pid 6254] ioctl(4, LOOP_CLR_FD) = 0 [pid 6254] close(4) = 0 [pid 6254] exit_group(0) = ? [pid 6254] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6254, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1226", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1226/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1226/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1226/binderfs") = 0 umount2("./1226/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1226/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1226/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1226/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1226/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1226/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1226") = 0 mkdir("./1227", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 146.040163][ T6254] loop0: detected capacity change from 0 to 4096 [ 146.048756][ T6254] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6255 ./strace-static-x86_64: Process 6255 attached [pid 6255] chdir("./1227") = 0 [pid 6255] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6255] setpgid(0, 0) = 0 [pid 6255] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6255] write(3, "1000", 4) = 4 [pid 6255] close(3) = 0 [pid 6255] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6255] memfd_create("syzkaller", 0) = 3 [pid 6255] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6255] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6255] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6255] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6255] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6255] close(3) = 0 [pid 6255] mkdir("./file0", 0777) = 0 [pid 6255] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6255] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6255] chdir("./file0") = 0 [pid 6255] ioctl(4, LOOP_CLR_FD) = 0 [pid 6255] close(4) = 0 [pid 6255] exit_group(0) = ? [pid 6255] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6255, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1227", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1227/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1227/binderfs") = 0 umount2("./1227/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1227/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1227/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1227/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1227/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1227/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1227") = 0 mkdir("./1228", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6256 ./strace-static-x86_64: Process 6256 attached [pid 6256] chdir("./1228") = 0 [pid 6256] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6256] setpgid(0, 0) = 0 [pid 6256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6256] write(3, "1000", 4) = 4 [pid 6256] close(3) = 0 [pid 6256] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6256] memfd_create("syzkaller", 0) = 3 [pid 6256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 146.126028][ T6255] loop0: detected capacity change from 0 to 4096 [ 146.134895][ T6255] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6256] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6256] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6256] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6256] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6256] close(3) = 0 [pid 6256] mkdir("./file0", 0777) = 0 [pid 6256] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6256] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6256] chdir("./file0") = 0 [pid 6256] ioctl(4, LOOP_CLR_FD) = 0 [pid 6256] close(4) = 0 [pid 6256] exit_group(0) = ? [pid 6256] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6256, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1228", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1228/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1228/binderfs") = 0 umount2("./1228/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1228/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1228/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1228/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1228/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1228/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1228") = 0 mkdir("./1229", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6257 ./strace-static-x86_64: Process 6257 attached [pid 6257] chdir("./1229") = 0 [pid 6257] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6257] setpgid(0, 0) = 0 [pid 6257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6257] write(3, "1000", 4) = 4 [pid 6257] close(3) = 0 [pid 6257] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6257] memfd_create("syzkaller", 0) = 3 [pid 6257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 146.209702][ T6256] loop0: detected capacity change from 0 to 4096 [ 146.218279][ T6256] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6257] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6257] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6257] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6257] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6257] close(3) = 0 [pid 6257] mkdir("./file0", 0777) = 0 [pid 6257] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6257] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6257] chdir("./file0") = 0 [pid 6257] ioctl(4, LOOP_CLR_FD) = 0 [pid 6257] close(4) = 0 [pid 6257] exit_group(0) = ? [pid 6257] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6257, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1229", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1229/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1229/binderfs") = 0 umount2("./1229/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1229/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1229/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1229/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1229/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1229/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1229") = 0 mkdir("./1230", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 146.291027][ T6257] loop0: detected capacity change from 0 to 4096 [ 146.300336][ T6257] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6258 ./strace-static-x86_64: Process 6258 attached [pid 6258] chdir("./1230") = 0 [pid 6258] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6258] setpgid(0, 0) = 0 [pid 6258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6258] write(3, "1000", 4) = 4 [pid 6258] close(3) = 0 [pid 6258] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6258] memfd_create("syzkaller", 0) = 3 [pid 6258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6258] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6258] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6258] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6258] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6258] close(3) = 0 [pid 6258] mkdir("./file0", 0777) = 0 [pid 6258] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6258] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6258] chdir("./file0") = 0 [pid 6258] ioctl(4, LOOP_CLR_FD) = 0 [pid 6258] close(4) = 0 [pid 6258] exit_group(0) = ? [pid 6258] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6258, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1230", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1230/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1230/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1230/binderfs") = 0 umount2("./1230/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1230/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1230/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1230/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1230/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1230/file0") = 0 [ 146.375671][ T6258] loop0: detected capacity change from 0 to 4096 [ 146.384588][ T6258] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1230") = 0 mkdir("./1231", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6259 ./strace-static-x86_64: Process 6259 attached [pid 6259] chdir("./1231") = 0 [pid 6259] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6259] setpgid(0, 0) = 0 [pid 6259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6259] write(3, "1000", 4) = 4 [pid 6259] close(3) = 0 [pid 6259] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6259] memfd_create("syzkaller", 0) = 3 [pid 6259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6259] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6259] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6259] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6259] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6259] close(3) = 0 [pid 6259] mkdir("./file0", 0777) = 0 [pid 6259] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6259] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6259] chdir("./file0") = 0 [pid 6259] ioctl(4, LOOP_CLR_FD) = 0 [pid 6259] close(4) = 0 [pid 6259] exit_group(0) = ? [pid 6259] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6259, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1231", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1231/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1231/binderfs") = 0 umount2("./1231/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1231/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1231/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1231/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1231/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1231/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1231") = 0 mkdir("./1232", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6260 ./strace-static-x86_64: Process 6260 attached [pid 6260] chdir("./1232") = 0 [pid 6260] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6260] setpgid(0, 0) = 0 [pid 6260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6260] write(3, "1000", 4) = 4 [pid 6260] close(3) = 0 [pid 6260] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6260] memfd_create("syzkaller", 0) = 3 [pid 6260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 146.469332][ T6259] loop0: detected capacity change from 0 to 4096 [ 146.477955][ T6259] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6260] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6260] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6260] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6260] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6260] close(3) = 0 [pid 6260] mkdir("./file0", 0777) = 0 [pid 6260] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6260] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6260] chdir("./file0") = 0 [pid 6260] ioctl(4, LOOP_CLR_FD) = 0 [pid 6260] close(4) = 0 [pid 6260] exit_group(0) = ? [pid 6260] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6260, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1232", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1232/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1232/binderfs") = 0 umount2("./1232/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1232/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1232/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1232/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1232/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1232/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1232") = 0 mkdir("./1233", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6261 ./strace-static-x86_64: Process 6261 attached [pid 6261] chdir("./1233") = 0 [pid 6261] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6261] setpgid(0, 0) = 0 [pid 6261] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6261] write(3, "1000", 4) = 4 [pid 6261] close(3) = 0 [pid 6261] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6261] memfd_create("syzkaller", 0) = 3 [pid 6261] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 146.548187][ T6260] loop0: detected capacity change from 0 to 4096 [ 146.556880][ T6260] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6261] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6261] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6261] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6261] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6261] close(3) = 0 [pid 6261] mkdir("./file0", 0777) = 0 [pid 6261] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6261] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6261] chdir("./file0") = 0 [pid 6261] ioctl(4, LOOP_CLR_FD) = 0 [pid 6261] close(4) = 0 [pid 6261] exit_group(0) = ? [pid 6261] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6261, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1233", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1233/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1233/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1233/binderfs") = 0 umount2("./1233/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1233/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1233/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1233/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1233/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1233/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1233") = 0 mkdir("./1234", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6262 ./strace-static-x86_64: Process 6262 attached [pid 6262] chdir("./1234") = 0 [pid 6262] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6262] setpgid(0, 0) = 0 [pid 6262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6262] write(3, "1000", 4) = 4 [pid 6262] close(3) = 0 [pid 6262] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6262] memfd_create("syzkaller", 0) = 3 [pid 6262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 146.627317][ T6261] loop0: detected capacity change from 0 to 4096 [ 146.635492][ T6261] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6262] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6262] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6262] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6262] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6262] close(3) = 0 [pid 6262] mkdir("./file0", 0777) = 0 [pid 6262] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6262] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6262] chdir("./file0") = 0 [pid 6262] ioctl(4, LOOP_CLR_FD) = 0 [pid 6262] close(4) = 0 [pid 6262] exit_group(0) = ? [pid 6262] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6262, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1234", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1234/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1234/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1234/binderfs") = 0 umount2("./1234/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1234/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1234/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1234/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1234/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1234/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1234") = 0 mkdir("./1235", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 146.711529][ T6262] loop0: detected capacity change from 0 to 4096 [ 146.719856][ T6262] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6263 ./strace-static-x86_64: Process 6263 attached [pid 6263] chdir("./1235") = 0 [pid 6263] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6263] setpgid(0, 0) = 0 [pid 6263] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6263] write(3, "1000", 4) = 4 [pid 6263] close(3) = 0 [pid 6263] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6263] memfd_create("syzkaller", 0) = 3 [pid 6263] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6263] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6263] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6263] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6263] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6263] close(3) = 0 [pid 6263] mkdir("./file0", 0777) = 0 [pid 6263] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6263] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6263] chdir("./file0") = 0 [pid 6263] ioctl(4, LOOP_CLR_FD) = 0 [pid 6263] close(4) = 0 [pid 6263] exit_group(0) = ? [pid 6263] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6263, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1235", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1235/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1235/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1235/binderfs") = 0 umount2("./1235/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1235/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1235/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1235/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1235/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1235/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1235") = 0 mkdir("./1236", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6264 ./strace-static-x86_64: Process 6264 attached [pid 6264] chdir("./1236") = 0 [pid 6264] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6264] setpgid(0, 0) = 0 [pid 6264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6264] write(3, "1000", 4) = 4 [pid 6264] close(3) = 0 [pid 6264] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6264] memfd_create("syzkaller", 0) = 3 [pid 6264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 146.799071][ T6263] loop0: detected capacity change from 0 to 4096 [ 146.807888][ T6263] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6264] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6264] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6264] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6264] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6264] close(3) = 0 [pid 6264] mkdir("./file0", 0777) = 0 [pid 6264] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6264] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6264] chdir("./file0") = 0 [pid 6264] ioctl(4, LOOP_CLR_FD) = 0 [pid 6264] close(4) = 0 [pid 6264] exit_group(0) = ? [pid 6264] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6264, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1236", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1236/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1236/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1236/binderfs") = 0 umount2("./1236/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1236/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1236/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1236/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1236/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1236/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1236") = 0 mkdir("./1237", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6265 ./strace-static-x86_64: Process 6265 attached [pid 6265] chdir("./1237") = 0 [pid 6265] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6265] setpgid(0, 0) = 0 [pid 6265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6265] write(3, "1000", 4) = 4 [pid 6265] close(3) = 0 [ 146.873660][ T6264] loop0: detected capacity change from 0 to 4096 [ 146.882590][ T6264] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6265] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6265] memfd_create("syzkaller", 0) = 3 [pid 6265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6265] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6265] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6265] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6265] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6265] close(3) = 0 [pid 6265] mkdir("./file0", 0777) = 0 [pid 6265] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6265] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6265] chdir("./file0") = 0 [pid 6265] ioctl(4, LOOP_CLR_FD) = 0 [pid 6265] close(4) = 0 [pid 6265] exit_group(0) = ? [pid 6265] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6265, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1237", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1237/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1237/binderfs") = 0 umount2("./1237/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1237/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1237/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1237/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1237/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1237/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1237") = 0 mkdir("./1238", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6266 ./strace-static-x86_64: Process 6266 attached [pid 6266] chdir("./1238") = 0 [pid 6266] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6266] setpgid(0, 0) = 0 [pid 6266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6266] write(3, "1000", 4) = 4 [pid 6266] close(3) = 0 [ 146.956067][ T6265] loop0: detected capacity change from 0 to 4096 [ 146.964267][ T6265] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6266] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6266] memfd_create("syzkaller", 0) = 3 [pid 6266] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6266] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6266] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6266] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6266] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6266] close(3) = 0 [pid 6266] mkdir("./file0", 0777) = 0 [pid 6266] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6266] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6266] chdir("./file0") = 0 [pid 6266] ioctl(4, LOOP_CLR_FD) = 0 [pid 6266] close(4) = 0 [pid 6266] exit_group(0) = ? [pid 6266] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6266, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1238", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1238/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1238/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1238/binderfs") = 0 umount2("./1238/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1238/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1238/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1238/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1238/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1238/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1238") = 0 mkdir("./1239", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6267 ./strace-static-x86_64: Process 6267 attached [pid 6267] chdir("./1239") = 0 [pid 6267] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6267] setpgid(0, 0) = 0 [pid 6267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6267] write(3, "1000", 4) = 4 [pid 6267] close(3) = 0 [pid 6267] symlink("/dev/binderfs", "./binderfs") = 0 [ 147.037282][ T6266] loop0: detected capacity change from 0 to 4096 [ 147.045814][ T6266] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6267] memfd_create("syzkaller", 0) = 3 [pid 6267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6267] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6267] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6267] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6267] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6267] close(3) = 0 [pid 6267] mkdir("./file0", 0777) = 0 [pid 6267] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6267] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6267] chdir("./file0") = 0 [pid 6267] ioctl(4, LOOP_CLR_FD) = 0 [pid 6267] close(4) = 0 [pid 6267] exit_group(0) = ? [pid 6267] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6267, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1239", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1239/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1239/binderfs") = 0 umount2("./1239/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1239/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1239/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1239/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1239/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1239/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1239") = 0 mkdir("./1240", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6268 ./strace-static-x86_64: Process 6268 attached [pid 6268] chdir("./1240") = 0 [pid 6268] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6268] setpgid(0, 0) = 0 [pid 6268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6268] write(3, "1000", 4) = 4 [pid 6268] close(3) = 0 [pid 6268] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6268] memfd_create("syzkaller", 0) = 3 [pid 6268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 147.131663][ T6267] loop0: detected capacity change from 0 to 4096 [ 147.139924][ T6267] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6268] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6268] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6268] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6268] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6268] close(3) = 0 [pid 6268] mkdir("./file0", 0777) = 0 [pid 6268] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6268] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6268] chdir("./file0") = 0 [pid 6268] ioctl(4, LOOP_CLR_FD) = 0 [pid 6268] close(4) = 0 [pid 6268] exit_group(0) = ? [pid 6268] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6268, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1240", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1240/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1240/binderfs") = 0 umount2("./1240/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1240/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1240/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1240/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1240/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1240/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1240") = 0 mkdir("./1241", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 147.209389][ T6268] loop0: detected capacity change from 0 to 4096 [ 147.217819][ T6268] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6269 ./strace-static-x86_64: Process 6269 attached [pid 6269] chdir("./1241") = 0 [pid 6269] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6269] setpgid(0, 0) = 0 [pid 6269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6269] write(3, "1000", 4) = 4 [pid 6269] close(3) = 0 [pid 6269] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6269] memfd_create("syzkaller", 0) = 3 [pid 6269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6269] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6269] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6269] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6269] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6269] close(3) = 0 [pid 6269] mkdir("./file0", 0777) = 0 [pid 6269] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6269] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6269] chdir("./file0") = 0 [pid 6269] ioctl(4, LOOP_CLR_FD) = 0 [pid 6269] close(4) = 0 [pid 6269] exit_group(0) = ? [pid 6269] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6269, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1241", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1241/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1241/binderfs") = 0 umount2("./1241/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1241/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1241/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1241/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1241/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1241/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1241") = 0 mkdir("./1242", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6270 ./strace-static-x86_64: Process 6270 attached [pid 6270] chdir("./1242") = 0 [ 147.293701][ T6269] loop0: detected capacity change from 0 to 4096 [ 147.302014][ T6269] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6270] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6270] setpgid(0, 0) = 0 [pid 6270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6270] write(3, "1000", 4) = 4 [pid 6270] close(3) = 0 [pid 6270] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6270] memfd_create("syzkaller", 0) = 3 [pid 6270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6270] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6270] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6270] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6270] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6270] close(3) = 0 [pid 6270] mkdir("./file0", 0777) = 0 [pid 6270] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6270] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6270] chdir("./file0") = 0 [pid 6270] ioctl(4, LOOP_CLR_FD) = 0 [pid 6270] close(4) = 0 [pid 6270] exit_group(0) = ? [pid 6270] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6270, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1242", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1242/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1242/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1242/binderfs") = 0 umount2("./1242/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1242/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1242/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1242/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1242/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1242/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1242") = 0 mkdir("./1243", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6271 ./strace-static-x86_64: Process 6271 attached [pid 6271] chdir("./1243") = 0 [pid 6271] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6271] setpgid(0, 0) = 0 [pid 6271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6271] write(3, "1000", 4) = 4 [pid 6271] close(3) = 0 [pid 6271] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6271] memfd_create("syzkaller", 0) = 3 [pid 6271] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 147.377254][ T6270] loop0: detected capacity change from 0 to 4096 [ 147.385456][ T6270] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6271] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6271] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6271] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6271] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6271] close(3) = 0 [pid 6271] mkdir("./file0", 0777) = 0 [pid 6271] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6271] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6271] chdir("./file0") = 0 [pid 6271] ioctl(4, LOOP_CLR_FD) = 0 [pid 6271] close(4) = 0 [pid 6271] exit_group(0) = ? [pid 6271] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6271, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1243", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1243/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1243/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1243/binderfs") = 0 umount2("./1243/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1243/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1243/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1243/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1243/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1243/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1243") = 0 mkdir("./1244", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 147.461175][ T6271] loop0: detected capacity change from 0 to 4096 [ 147.470077][ T6271] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6272 ./strace-static-x86_64: Process 6272 attached [pid 6272] chdir("./1244") = 0 [pid 6272] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6272] setpgid(0, 0) = 0 [pid 6272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6272] write(3, "1000", 4) = 4 [pid 6272] close(3) = 0 [pid 6272] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6272] memfd_create("syzkaller", 0) = 3 [pid 6272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6272] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6272] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6272] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6272] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6272] close(3) = 0 [pid 6272] mkdir("./file0", 0777) = 0 [pid 6272] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6272] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6272] chdir("./file0") = 0 [pid 6272] ioctl(4, LOOP_CLR_FD) = 0 [pid 6272] close(4) = 0 [pid 6272] exit_group(0) = ? [pid 6272] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6272, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1244", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1244/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1244/binderfs") = 0 umount2("./1244/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1244/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1244/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1244/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1244/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1244/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1244") = 0 mkdir("./1245", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6273 ./strace-static-x86_64: Process 6273 attached [pid 6273] chdir("./1245") = 0 [pid 6273] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6273] setpgid(0, 0) = 0 [pid 6273] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6273] write(3, "1000", 4) = 4 [pid 6273] close(3) = 0 [pid 6273] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6273] memfd_create("syzkaller", 0) = 3 [pid 6273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 147.551701][ T6272] loop0: detected capacity change from 0 to 4096 [ 147.559928][ T6272] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6273] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6273] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6273] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6273] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6273] close(3) = 0 [pid 6273] mkdir("./file0", 0777) = 0 [pid 6273] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6273] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6273] chdir("./file0") = 0 [pid 6273] ioctl(4, LOOP_CLR_FD) = 0 [pid 6273] close(4) = 0 [pid 6273] exit_group(0) = ? [pid 6273] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6273, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- umount2("./1245", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1245/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1245/binderfs") = 0 umount2("./1245/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1245/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1245/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1245/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1245/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1245/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1245") = 0 mkdir("./1246", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6274 ./strace-static-x86_64: Process 6274 attached [pid 6274] chdir("./1246") = 0 [pid 6274] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6274] setpgid(0, 0) = 0 [pid 6274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6274] write(3, "1000", 4) = 4 [pid 6274] close(3) = 0 [pid 6274] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6274] memfd_create("syzkaller", 0) = 3 [pid 6274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 147.630917][ T6273] loop0: detected capacity change from 0 to 4096 [ 147.639923][ T6273] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6274] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6274] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6274] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6274] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6274] close(3) = 0 [pid 6274] mkdir("./file0", 0777) = 0 [pid 6274] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6274] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6274] chdir("./file0") = 0 [pid 6274] ioctl(4, LOOP_CLR_FD) = 0 [pid 6274] close(4) = 0 [pid 6274] exit_group(0) = ? [pid 6274] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6274, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1246", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1246/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1246/binderfs") = 0 umount2("./1246/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1246/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1246/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1246/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1246/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1246/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1246") = 0 mkdir("./1247", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6275 ./strace-static-x86_64: Process 6275 attached [pid 6275] chdir("./1247") = 0 [pid 6275] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6275] setpgid(0, 0) = 0 [pid 6275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6275] write(3, "1000", 4) = 4 [pid 6275] close(3) = 0 [pid 6275] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6275] memfd_create("syzkaller", 0) = 3 [pid 6275] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 147.710015][ T6274] loop0: detected capacity change from 0 to 4096 [ 147.718364][ T6274] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6275] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6275] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6275] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6275] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6275] close(3) = 0 [pid 6275] mkdir("./file0", 0777) = 0 [pid 6275] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6275] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6275] chdir("./file0") = 0 [pid 6275] ioctl(4, LOOP_CLR_FD) = 0 [pid 6275] close(4) = 0 [pid 6275] exit_group(0) = ? [pid 6275] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6275, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1247", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1247/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1247/binderfs") = 0 umount2("./1247/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1247/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1247/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1247/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1247/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1247/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1247") = 0 mkdir("./1248", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 147.791132][ T6275] loop0: detected capacity change from 0 to 4096 [ 147.799293][ T6275] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6276 ./strace-static-x86_64: Process 6276 attached [pid 6276] chdir("./1248") = 0 [pid 6276] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6276] setpgid(0, 0) = 0 [pid 6276] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6276] write(3, "1000", 4) = 4 [pid 6276] close(3) = 0 [pid 6276] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6276] memfd_create("syzkaller", 0) = 3 [pid 6276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6276] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6276] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6276] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6276] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6276] close(3) = 0 [pid 6276] mkdir("./file0", 0777) = 0 [pid 6276] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6276] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6276] chdir("./file0") = 0 [pid 6276] ioctl(4, LOOP_CLR_FD) = 0 [pid 6276] close(4) = 0 [pid 6276] exit_group(0) = ? [pid 6276] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6276, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1248", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1248/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1248/binderfs") = 0 umount2("./1248/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1248/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1248/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1248/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1248/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1248/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1248") = 0 mkdir("./1249", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6277 ./strace-static-x86_64: Process 6277 attached [ 147.877241][ T6276] loop0: detected capacity change from 0 to 4096 [ 147.886014][ T6276] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6277] chdir("./1249") = 0 [pid 6277] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6277] setpgid(0, 0) = 0 [pid 6277] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6277] write(3, "1000", 4) = 4 [pid 6277] close(3) = 0 [pid 6277] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6277] memfd_create("syzkaller", 0) = 3 [pid 6277] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6277] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6277] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6277] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6277] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6277] close(3) = 0 [pid 6277] mkdir("./file0", 0777) = 0 [pid 6277] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6277] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6277] chdir("./file0") = 0 [pid 6277] ioctl(4, LOOP_CLR_FD) = 0 [pid 6277] close(4) = 0 [pid 6277] exit_group(0) = ? [pid 6277] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6277, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1249", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1249/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1249/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1249/binderfs") = 0 umount2("./1249/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1249/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1249/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1249/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1249/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1249/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1249") = 0 mkdir("./1250", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 147.963254][ T6277] loop0: detected capacity change from 0 to 4096 [ 147.971463][ T6277] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6278 ./strace-static-x86_64: Process 6278 attached [pid 6278] chdir("./1250") = 0 [pid 6278] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6278] setpgid(0, 0) = 0 [pid 6278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6278] write(3, "1000", 4) = 4 [pid 6278] close(3) = 0 [pid 6278] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6278] memfd_create("syzkaller", 0) = 3 [pid 6278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6278] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6278] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6278] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6278] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6278] close(3) = 0 [pid 6278] mkdir("./file0", 0777) = 0 [pid 6278] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6278] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6278] chdir("./file0") = 0 [pid 6278] ioctl(4, LOOP_CLR_FD) = 0 [pid 6278] close(4) = 0 [pid 6278] exit_group(0) = ? [pid 6278] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6278, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1250", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1250/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1250/binderfs") = 0 umount2("./1250/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1250/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1250/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1250/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1250/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1250/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1250") = 0 mkdir("./1251", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6279 ./strace-static-x86_64: Process 6279 attached [pid 6279] chdir("./1251") = 0 [pid 6279] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6279] setpgid(0, 0) = 0 [pid 6279] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6279] write(3, "1000", 4) = 4 [pid 6279] close(3) = 0 [pid 6279] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6279] memfd_create("syzkaller", 0) = 3 [pid 6279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 148.051014][ T6278] loop0: detected capacity change from 0 to 4096 [ 148.059327][ T6278] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6279] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6279] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6279] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6279] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6279] close(3) = 0 [pid 6279] mkdir("./file0", 0777) = 0 [pid 6279] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6279] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6279] chdir("./file0") = 0 [pid 6279] ioctl(4, LOOP_CLR_FD) = 0 [pid 6279] close(4) = 0 [pid 6279] exit_group(0) = ? [pid 6279] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6279, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1251", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1251/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1251/binderfs") = 0 umount2("./1251/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1251/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1251/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1251/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1251/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1251/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1251") = 0 mkdir("./1252", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6280 ./strace-static-x86_64: Process 6280 attached [pid 6280] chdir("./1252") = 0 [pid 6280] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6280] setpgid(0, 0) = 0 [pid 6280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6280] write(3, "1000", 4) = 4 [pid 6280] close(3) = 0 [pid 6280] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6280] memfd_create("syzkaller", 0) = 3 [pid 6280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 148.129160][ T6279] loop0: detected capacity change from 0 to 4096 [ 148.138345][ T6279] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6280] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6280] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6280] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6280] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6280] close(3) = 0 [pid 6280] mkdir("./file0", 0777) = 0 [pid 6280] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6280] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6280] chdir("./file0") = 0 [pid 6280] ioctl(4, LOOP_CLR_FD) = 0 [pid 6280] close(4) = 0 [pid 6280] exit_group(0) = ? [pid 6280] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6280, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1252", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1252/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1252/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1252/binderfs") = 0 umount2("./1252/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1252/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1252/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1252/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1252/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1252/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1252") = 0 mkdir("./1253", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6281 ./strace-static-x86_64: Process 6281 attached [pid 6281] chdir("./1253") = 0 [pid 6281] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6281] setpgid(0, 0) = 0 [pid 6281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6281] write(3, "1000", 4) = 4 [pid 6281] close(3) = 0 [pid 6281] symlink("/dev/binderfs", "./binderfs") = 0 [ 148.211205][ T6280] loop0: detected capacity change from 0 to 4096 [ 148.220334][ T6280] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6281] memfd_create("syzkaller", 0) = 3 [pid 6281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6281] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6281] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6281] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6281] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6281] close(3) = 0 [pid 6281] mkdir("./file0", 0777) = 0 [pid 6281] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6281] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6281] chdir("./file0") = 0 [pid 6281] ioctl(4, LOOP_CLR_FD) = 0 [pid 6281] close(4) = 0 [pid 6281] exit_group(0) = ? [pid 6281] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6281, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1253", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1253/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1253/binderfs") = 0 umount2("./1253/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1253/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1253/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1253/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1253/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1253/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1253") = 0 mkdir("./1254", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 148.294673][ T6281] loop0: detected capacity change from 0 to 4096 [ 148.303653][ T6281] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6282 ./strace-static-x86_64: Process 6282 attached [pid 6282] chdir("./1254") = 0 [pid 6282] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6282] setpgid(0, 0) = 0 [pid 6282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6282] write(3, "1000", 4) = 4 [pid 6282] close(3) = 0 [pid 6282] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6282] memfd_create("syzkaller", 0) = 3 [pid 6282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6282] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6282] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6282] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6282] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6282] close(3) = 0 [pid 6282] mkdir("./file0", 0777) = 0 [pid 6282] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6282] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6282] chdir("./file0") = 0 [pid 6282] ioctl(4, LOOP_CLR_FD) = 0 [pid 6282] close(4) = 0 [pid 6282] exit_group(0) = ? [pid 6282] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6282, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1254", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1254/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1254/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1254/binderfs") = 0 umount2("./1254/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1254/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1254/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1254/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1254/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1254/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1254") = 0 mkdir("./1255", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6283 ./strace-static-x86_64: Process 6283 attached [pid 6283] chdir("./1255") = 0 [pid 6283] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6283] setpgid(0, 0) = 0 [pid 6283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6283] write(3, "1000", 4) = 4 [pid 6283] close(3) = 0 [pid 6283] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6283] memfd_create("syzkaller", 0) = 3 [ 148.392091][ T6282] loop0: detected capacity change from 0 to 4096 [ 148.400208][ T6282] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6283] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6283] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6283] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6283] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6283] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6283] close(3) = 0 [pid 6283] mkdir("./file0", 0777) = 0 [pid 6283] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6283] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6283] chdir("./file0") = 0 [pid 6283] ioctl(4, LOOP_CLR_FD) = 0 [pid 6283] close(4) = 0 [pid 6283] exit_group(0) = ? [pid 6283] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6283, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1255", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1255/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1255/binderfs") = 0 umount2("./1255/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1255/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1255/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1255/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1255/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1255/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1255") = 0 mkdir("./1256", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6284 ./strace-static-x86_64: Process 6284 attached [pid 6284] chdir("./1256") = 0 [pid 6284] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6284] setpgid(0, 0) = 0 [pid 6284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6284] write(3, "1000", 4) = 4 [pid 6284] close(3) = 0 [pid 6284] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6284] memfd_create("syzkaller", 0) = 3 [pid 6284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 148.473726][ T6283] loop0: detected capacity change from 0 to 4096 [ 148.481650][ T6283] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6284] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6284] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6284] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6284] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6284] close(3) = 0 [pid 6284] mkdir("./file0", 0777) = 0 [pid 6284] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6284] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6284] chdir("./file0") = 0 [pid 6284] ioctl(4, LOOP_CLR_FD) = 0 [pid 6284] close(4) = 0 [pid 6284] exit_group(0) = ? [pid 6284] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6284, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1256", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1256/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1256/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1256/binderfs") = 0 umount2("./1256/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1256/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1256/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1256/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1256/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1256/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1256") = 0 [ 148.547853][ T6284] loop0: detected capacity change from 0 to 4096 [ 148.556330][ T6284] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./1257", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6285 ./strace-static-x86_64: Process 6285 attached [pid 6285] chdir("./1257") = 0 [pid 6285] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6285] setpgid(0, 0) = 0 [pid 6285] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6285] write(3, "1000", 4) = 4 [pid 6285] close(3) = 0 [pid 6285] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6285] memfd_create("syzkaller", 0) = 3 [pid 6285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6285] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6285] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6285] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6285] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6285] close(3) = 0 [pid 6285] mkdir("./file0", 0777) = 0 [pid 6285] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6285] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6285] chdir("./file0") = 0 [pid 6285] ioctl(4, LOOP_CLR_FD) = 0 [pid 6285] close(4) = 0 [pid 6285] exit_group(0) = ? [pid 6285] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6285, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1257", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1257/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1257/binderfs") = 0 umount2("./1257/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1257/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1257/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1257/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1257/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1257/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1257") = 0 mkdir("./1258", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 148.631887][ T6285] loop0: detected capacity change from 0 to 4096 [ 148.640737][ T6285] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6286 ./strace-static-x86_64: Process 6286 attached [pid 6286] chdir("./1258") = 0 [pid 6286] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6286] setpgid(0, 0) = 0 [pid 6286] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6286] write(3, "1000", 4) = 4 [pid 6286] close(3) = 0 [pid 6286] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6286] memfd_create("syzkaller", 0) = 3 [pid 6286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6286] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6286] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6286] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6286] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6286] close(3) = 0 [pid 6286] mkdir("./file0", 0777) = 0 [pid 6286] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6286] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6286] chdir("./file0") = 0 [pid 6286] ioctl(4, LOOP_CLR_FD) = 0 [pid 6286] close(4) = 0 [pid 6286] exit_group(0) = ? [pid 6286] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6286, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1258", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1258/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1258/binderfs") = 0 umount2("./1258/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1258/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1258/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1258/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1258/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1258/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1258") = 0 mkdir("./1259", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6287 ./strace-static-x86_64: Process 6287 attached [pid 6287] chdir("./1259") = 0 [pid 6287] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6287] setpgid(0, 0) = 0 [pid 6287] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 148.715408][ T6286] loop0: detected capacity change from 0 to 4096 [ 148.724056][ T6286] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6287] write(3, "1000", 4) = 4 [pid 6287] close(3) = 0 [pid 6287] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6287] memfd_create("syzkaller", 0) = 3 [pid 6287] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6287] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6287] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6287] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6287] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6287] close(3) = 0 [pid 6287] mkdir("./file0", 0777) = 0 [pid 6287] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6287] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6287] chdir("./file0") = 0 [pid 6287] ioctl(4, LOOP_CLR_FD) = 0 [pid 6287] close(4) = 0 [pid 6287] exit_group(0) = ? [pid 6287] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6287, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1259", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1259/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1259/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1259/binderfs") = 0 umount2("./1259/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1259/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1259/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1259/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1259/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1259/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1259") = 0 mkdir("./1260", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6288 ./strace-static-x86_64: Process 6288 attached [pid 6288] chdir("./1260") = 0 [pid 6288] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6288] setpgid(0, 0) = 0 [pid 6288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6288] write(3, "1000", 4) = 4 [pid 6288] close(3) = 0 [pid 6288] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6288] memfd_create("syzkaller", 0) = 3 [pid 6288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 148.799629][ T6287] loop0: detected capacity change from 0 to 4096 [ 148.808938][ T6287] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6288] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6288] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6288] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6288] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6288] close(3) = 0 [pid 6288] mkdir("./file0", 0777) = 0 [pid 6288] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6288] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6288] chdir("./file0") = 0 [pid 6288] ioctl(4, LOOP_CLR_FD) = 0 [pid 6288] close(4) = 0 [pid 6288] exit_group(0) = ? [pid 6288] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6288, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1260", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1260/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1260/binderfs") = 0 umount2("./1260/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1260/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1260/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1260/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1260/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1260/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1260") = 0 mkdir("./1261", 0777) = 0 [ 148.880669][ T6288] loop0: detected capacity change from 0 to 4096 [ 148.889550][ T6288] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6289 ./strace-static-x86_64: Process 6289 attached [pid 6289] chdir("./1261") = 0 [pid 6289] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6289] setpgid(0, 0) = 0 [pid 6289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6289] write(3, "1000", 4) = 4 [pid 6289] close(3) = 0 [pid 6289] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6289] memfd_create("syzkaller", 0) = 3 [pid 6289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6289] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6289] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6289] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6289] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6289] close(3) = 0 [pid 6289] mkdir("./file0", 0777) = 0 [pid 6289] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6289] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6289] chdir("./file0") = 0 [pid 6289] ioctl(4, LOOP_CLR_FD) = 0 [pid 6289] close(4) = 0 [pid 6289] exit_group(0) = ? [pid 6289] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6289, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1261", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1261/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1261/binderfs") = 0 umount2("./1261/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1261/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1261/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1261/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1261/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1261/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1261") = 0 mkdir("./1262", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6290 attached , child_tidptr=0x5555568435d0) = 6290 [pid 6290] chdir("./1262") = 0 [pid 6290] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6290] setpgid(0, 0) = 0 [pid 6290] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6290] write(3, "1000", 4) = 4 [pid 6290] close(3) = 0 [pid 6290] symlink("/dev/binderfs", "./binderfs") = 0 [ 148.973714][ T6289] loop0: detected capacity change from 0 to 4096 [ 148.982311][ T6289] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6290] memfd_create("syzkaller", 0) = 3 [pid 6290] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6290] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6290] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6290] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6290] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6290] close(3) = 0 [pid 6290] mkdir("./file0", 0777) = 0 [pid 6290] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6290] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6290] chdir("./file0") = 0 [pid 6290] ioctl(4, LOOP_CLR_FD) = 0 [pid 6290] close(4) = 0 [pid 6290] exit_group(0) = ? [pid 6290] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6290, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1262", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1262/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1262/binderfs") = 0 umount2("./1262/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1262/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1262/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1262/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1262/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1262/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1262") = 0 mkdir("./1263", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 149.055588][ T6290] loop0: detected capacity change from 0 to 4096 [ 149.063691][ T6290] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6291 ./strace-static-x86_64: Process 6291 attached [pid 6291] chdir("./1263") = 0 [pid 6291] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6291] setpgid(0, 0) = 0 [pid 6291] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6291] write(3, "1000", 4) = 4 [pid 6291] close(3) = 0 [pid 6291] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6291] memfd_create("syzkaller", 0) = 3 [pid 6291] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6291] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6291] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6291] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6291] close(3) = 0 [pid 6291] mkdir("./file0", 0777) = 0 [pid 6291] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6291] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6291] chdir("./file0") = 0 [pid 6291] ioctl(4, LOOP_CLR_FD) = 0 [pid 6291] close(4) = 0 [pid 6291] exit_group(0) = ? [pid 6291] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6291, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1263", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1263/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1263/binderfs") = 0 umount2("./1263/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1263/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1263/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1263/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1263/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1263/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1263") = 0 mkdir("./1264", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 149.138899][ T6291] loop0: detected capacity change from 0 to 4096 [ 149.147305][ T6291] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6292 attached , child_tidptr=0x5555568435d0) = 6292 [pid 6292] chdir("./1264") = 0 [pid 6292] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6292] setpgid(0, 0) = 0 [pid 6292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6292] write(3, "1000", 4) = 4 [pid 6292] close(3) = 0 [pid 6292] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6292] memfd_create("syzkaller", 0) = 3 [pid 6292] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6292] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6292] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6292] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6292] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6292] close(3) = 0 [pid 6292] mkdir("./file0", 0777) = 0 [pid 6292] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6292] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6292] chdir("./file0") = 0 [pid 6292] ioctl(4, LOOP_CLR_FD) = 0 [pid 6292] close(4) = 0 [pid 6292] exit_group(0) = ? [pid 6292] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6292, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1264", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1264/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1264/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1264/binderfs") = 0 umount2("./1264/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1264/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1264/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1264/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1264/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1264/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1264") = 0 mkdir("./1265", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6293 ./strace-static-x86_64: Process 6293 attached [pid 6293] chdir("./1265") = 0 [pid 6293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6293] setpgid(0, 0) = 0 [pid 6293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6293] write(3, "1000", 4) = 4 [pid 6293] close(3) = 0 [pid 6293] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6293] memfd_create("syzkaller", 0) = 3 [pid 6293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 149.227328][ T6292] loop0: detected capacity change from 0 to 4096 [ 149.235449][ T6292] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6293] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6293] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6293] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6293] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6293] close(3) = 0 [pid 6293] mkdir("./file0", 0777) = 0 [pid 6293] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6293] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6293] chdir("./file0") = 0 [pid 6293] ioctl(4, LOOP_CLR_FD) = 0 [pid 6293] close(4) = 0 [pid 6293] exit_group(0) = ? [pid 6293] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6293, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1265", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1265/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1265/binderfs") = 0 umount2("./1265/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1265/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1265/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1265/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1265/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1265/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1265") = 0 mkdir("./1266", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6294 attached , child_tidptr=0x5555568435d0) = 6294 [pid 6294] chdir("./1266") = 0 [pid 6294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6294] setpgid(0, 0) = 0 [pid 6294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6294] write(3, "1000", 4) = 4 [pid 6294] close(3) = 0 [pid 6294] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6294] memfd_create("syzkaller", 0) = 3 [pid 6294] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 149.306914][ T6293] loop0: detected capacity change from 0 to 4096 [ 149.315154][ T6293] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6294] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6294] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6294] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6294] close(3) = 0 [pid 6294] mkdir("./file0", 0777) = 0 [pid 6294] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6294] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6294] chdir("./file0") = 0 [pid 6294] ioctl(4, LOOP_CLR_FD) = 0 [pid 6294] close(4) = 0 [pid 6294] exit_group(0) = ? [pid 6294] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6294, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=0} --- umount2("./1266", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1266/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1266/binderfs") = 0 umount2("./1266/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1266/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1266/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1266/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1266/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1266/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1266") = 0 mkdir("./1267", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6295 ./strace-static-x86_64: Process 6295 attached [pid 6295] chdir("./1267") = 0 [pid 6295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6295] setpgid(0, 0) = 0 [pid 6295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6295] write(3, "1000", 4) = 4 [pid 6295] close(3) = 0 [pid 6295] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6295] memfd_create("syzkaller", 0) = 3 [pid 6295] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 149.388112][ T6294] loop0: detected capacity change from 0 to 4096 [ 149.396908][ T6294] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6295] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6295] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6295] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6295] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6295] close(3) = 0 [pid 6295] mkdir("./file0", 0777) = 0 [pid 6295] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6295] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6295] chdir("./file0") = 0 [pid 6295] ioctl(4, LOOP_CLR_FD) = 0 [pid 6295] close(4) = 0 [pid 6295] exit_group(0) = ? [pid 6295] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6295, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1267", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1267/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1267/binderfs") = 0 umount2("./1267/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1267/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1267/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1267/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1267/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1267/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1267") = 0 mkdir("./1268", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6296 ./strace-static-x86_64: Process 6296 attached [pid 6296] chdir("./1268") = 0 [pid 6296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6296] setpgid(0, 0) = 0 [pid 6296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6296] write(3, "1000", 4) = 4 [pid 6296] close(3) = 0 [pid 6296] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6296] memfd_create("syzkaller", 0) = 3 [pid 6296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 149.471570][ T6295] loop0: detected capacity change from 0 to 4096 [ 149.479602][ T6295] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6296] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6296] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6296] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6296] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6296] close(3) = 0 [pid 6296] mkdir("./file0", 0777) = 0 [pid 6296] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6296] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6296] chdir("./file0") = 0 [pid 6296] ioctl(4, LOOP_CLR_FD) = 0 [pid 6296] close(4) = 0 [pid 6296] exit_group(0) = ? [pid 6296] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6296, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1268", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1268/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1268/binderfs") = 0 umount2("./1268/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1268/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1268/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1268/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1268/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1268/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1268") = 0 mkdir("./1269", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6297 ./strace-static-x86_64: Process 6297 attached [pid 6297] chdir("./1269") = 0 [pid 6297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6297] setpgid(0, 0) = 0 [pid 6297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6297] write(3, "1000", 4) = 4 [pid 6297] close(3) = 0 [pid 6297] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6297] memfd_create("syzkaller", 0) = 3 [pid 6297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 149.548596][ T6296] loop0: detected capacity change from 0 to 4096 [ 149.556888][ T6296] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6297] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6297] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6297] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6297] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6297] close(3) = 0 [pid 6297] mkdir("./file0", 0777) = 0 [pid 6297] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6297] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6297] chdir("./file0") = 0 [pid 6297] ioctl(4, LOOP_CLR_FD) = 0 [pid 6297] close(4) = 0 [pid 6297] exit_group(0) = ? [pid 6297] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6297, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=0} --- umount2("./1269", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1269/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1269/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1269/binderfs") = 0 umount2("./1269/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1269/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1269/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1269/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1269/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1269/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1269") = 0 mkdir("./1270", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 149.627122][ T6297] loop0: detected capacity change from 0 to 4096 [ 149.635486][ T6297] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6298 ./strace-static-x86_64: Process 6298 attached [pid 6298] chdir("./1270") = 0 [pid 6298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6298] setpgid(0, 0) = 0 [pid 6298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6298] write(3, "1000", 4) = 4 [pid 6298] close(3) = 0 [pid 6298] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6298] memfd_create("syzkaller", 0) = 3 [pid 6298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6298] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6298] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6298] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6298] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6298] close(3) = 0 [pid 6298] mkdir("./file0", 0777) = 0 [pid 6298] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6298] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6298] chdir("./file0") = 0 [pid 6298] ioctl(4, LOOP_CLR_FD) = 0 [pid 6298] close(4) = 0 [pid 6298] exit_group(0) = ? [pid 6298] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6298, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1270", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1270/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1270/binderfs") = 0 umount2("./1270/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1270/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1270/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1270/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1270/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1270/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1270") = 0 mkdir("./1271", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6299 ./strace-static-x86_64: Process 6299 attached [pid 6299] chdir("./1271") = 0 [pid 6299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6299] setpgid(0, 0) = 0 [pid 6299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6299] write(3, "1000", 4) = 4 [pid 6299] close(3) = 0 [pid 6299] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6299] memfd_create("syzkaller", 0) = 3 [pid 6299] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 149.709464][ T6298] loop0: detected capacity change from 0 to 4096 [ 149.718828][ T6298] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6299] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6299] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6299] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6299] close(3) = 0 [pid 6299] mkdir("./file0", 0777) = 0 [pid 6299] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6299] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6299] chdir("./file0") = 0 [pid 6299] ioctl(4, LOOP_CLR_FD) = 0 [pid 6299] close(4) = 0 [pid 6299] exit_group(0) = ? [pid 6299] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6299, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1271", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1271/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1271/binderfs") = 0 umount2("./1271/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1271/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1271/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1271/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1271/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1271/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1271") = 0 mkdir("./1272", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6300 ./strace-static-x86_64: Process 6300 attached [pid 6300] chdir("./1272") = 0 [pid 6300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6300] setpgid(0, 0) = 0 [pid 6300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6300] write(3, "1000", 4) = 4 [pid 6300] close(3) = 0 [pid 6300] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6300] memfd_create("syzkaller", 0) = 3 [pid 6300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 149.794161][ T6299] loop0: detected capacity change from 0 to 4096 [ 149.803390][ T6299] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6300] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6300] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6300] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6300] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6300] close(3) = 0 [pid 6300] mkdir("./file0", 0777) = 0 [pid 6300] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6300] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6300] chdir("./file0") = 0 [pid 6300] ioctl(4, LOOP_CLR_FD) = 0 [pid 6300] close(4) = 0 [pid 6300] exit_group(0) = ? [pid 6300] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6300, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1272", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1272/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1272/binderfs") = 0 umount2("./1272/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1272/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1272/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1272/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1272/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1272/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1272") = 0 mkdir("./1273", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6301 ./strace-static-x86_64: Process 6301 attached [pid 6301] chdir("./1273") = 0 [pid 6301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6301] setpgid(0, 0) = 0 [pid 6301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6301] write(3, "1000", 4) = 4 [pid 6301] close(3) = 0 [pid 6301] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6301] memfd_create("syzkaller", 0) = 3 [pid 6301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 149.873085][ T6300] loop0: detected capacity change from 0 to 4096 [ 149.881629][ T6300] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6301] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6301] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6301] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6301] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6301] close(3) = 0 [pid 6301] mkdir("./file0", 0777) = 0 [pid 6301] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6301] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6301] chdir("./file0") = 0 [pid 6301] ioctl(4, LOOP_CLR_FD) = 0 [pid 6301] close(4) = 0 [pid 6301] exit_group(0) = ? [pid 6301] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6301, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1273", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1273/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1273/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1273/binderfs") = 0 umount2("./1273/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1273/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1273/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1273/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1273/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1273/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1273") = 0 mkdir("./1274", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 149.950668][ T6301] loop0: detected capacity change from 0 to 4096 [ 149.959071][ T6301] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6302 ./strace-static-x86_64: Process 6302 attached [pid 6302] chdir("./1274") = 0 [pid 6302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6302] setpgid(0, 0) = 0 [pid 6302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6302] write(3, "1000", 4) = 4 [pid 6302] close(3) = 0 [pid 6302] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6302] memfd_create("syzkaller", 0) = 3 [pid 6302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6302] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6302] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6302] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6302] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6302] close(3) = 0 [pid 6302] mkdir("./file0", 0777) = 0 [pid 6302] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6302] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6302] chdir("./file0") = 0 [pid 6302] ioctl(4, LOOP_CLR_FD) = 0 [pid 6302] close(4) = 0 [pid 6302] exit_group(0) = ? [pid 6302] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6302, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1274", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1274/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1274/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1274/binderfs") = 0 umount2("./1274/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1274/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1274/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1274/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1274/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1274/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1274") = 0 mkdir("./1275", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6303 attached , child_tidptr=0x5555568435d0) = 6303 [pid 6303] chdir("./1275") = 0 [pid 6303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6303] setpgid(0, 0) = 0 [pid 6303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6303] write(3, "1000", 4) = 4 [ 150.040855][ T6302] loop0: detected capacity change from 0 to 4096 [ 150.049402][ T6302] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6303] close(3) = 0 [pid 6303] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6303] memfd_create("syzkaller", 0) = 3 [pid 6303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6303] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6303] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6303] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6303] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6303] close(3) = 0 [pid 6303] mkdir("./file0", 0777) = 0 [pid 6303] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6303] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6303] chdir("./file0") = 0 [pid 6303] ioctl(4, LOOP_CLR_FD) = 0 [pid 6303] close(4) = 0 [pid 6303] exit_group(0) = ? [pid 6303] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6303, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1275", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1275/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1275/binderfs") = 0 umount2("./1275/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1275/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1275/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1275/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1275/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1275/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1275") = 0 mkdir("./1276", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6304 ./strace-static-x86_64: Process 6304 attached [pid 6304] chdir("./1276") = 0 [pid 6304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6304] setpgid(0, 0) = 0 [pid 6304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6304] write(3, "1000", 4) = 4 [pid 6304] close(3) = 0 [pid 6304] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6304] memfd_create("syzkaller", 0) = 3 [pid 6304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 150.122460][ T6303] loop0: detected capacity change from 0 to 4096 [ 150.130884][ T6303] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6304] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6304] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6304] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6304] close(3) = 0 [pid 6304] mkdir("./file0", 0777) = 0 [pid 6304] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6304] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6304] chdir("./file0") = 0 [pid 6304] ioctl(4, LOOP_CLR_FD) = 0 [pid 6304] close(4) = 0 [pid 6304] exit_group(0) = ? [pid 6304] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6304, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1276", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1276/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1276/binderfs") = 0 umount2("./1276/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1276/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1276/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1276/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1276/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1276/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1276") = 0 mkdir("./1277", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6305 ./strace-static-x86_64: Process 6305 attached [pid 6305] chdir("./1277") = 0 [pid 6305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6305] setpgid(0, 0) = 0 [pid 6305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6305] write(3, "1000", 4) = 4 [pid 6305] close(3) = 0 [ 150.198816][ T6304] loop0: detected capacity change from 0 to 4096 [ 150.207684][ T6304] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6305] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6305] memfd_create("syzkaller", 0) = 3 [pid 6305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6305] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6305] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6305] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6305] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6305] close(3) = 0 [pid 6305] mkdir("./file0", 0777) = 0 [pid 6305] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6305] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6305] chdir("./file0") = 0 [pid 6305] ioctl(4, LOOP_CLR_FD) = 0 [pid 6305] close(4) = 0 [pid 6305] exit_group(0) = ? [pid 6305] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6305, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1277", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1277/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1277/binderfs") = 0 umount2("./1277/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1277/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1277/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1277/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1277/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1277/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1277") = 0 mkdir("./1278", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6306 attached , child_tidptr=0x5555568435d0) = 6306 [pid 6306] chdir("./1278") = 0 [pid 6306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6306] setpgid(0, 0) = 0 [pid 6306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6306] write(3, "1000", 4) = 4 [pid 6306] close(3) = 0 [pid 6306] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6306] memfd_create("syzkaller", 0) = 3 [ 150.280080][ T6305] loop0: detected capacity change from 0 to 4096 [ 150.288730][ T6305] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6306] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6306] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6306] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6306] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6306] close(3) = 0 [pid 6306] mkdir("./file0", 0777) = 0 [pid 6306] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6306] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6306] chdir("./file0") = 0 [pid 6306] ioctl(4, LOOP_CLR_FD) = 0 [pid 6306] close(4) = 0 [pid 6306] exit_group(0) = ? [pid 6306] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6306, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1278", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1278/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1278/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1278/binderfs") = 0 umount2("./1278/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1278/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1278/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1278/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1278/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1278/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1278") = 0 mkdir("./1279", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6307 attached , child_tidptr=0x5555568435d0) = 6307 [pid 6307] chdir("./1279") = 0 [pid 6307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6307] setpgid(0, 0) = 0 [pid 6307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6307] write(3, "1000", 4) = 4 [pid 6307] close(3) = 0 [pid 6307] symlink("/dev/binderfs", "./binderfs") = 0 [ 150.361837][ T6306] loop0: detected capacity change from 0 to 4096 [ 150.370107][ T6306] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6307] memfd_create("syzkaller", 0) = 3 [pid 6307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6307] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6307] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6307] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6307] close(3) = 0 [pid 6307] mkdir("./file0", 0777) = 0 [pid 6307] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6307] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6307] chdir("./file0") = 0 [pid 6307] ioctl(4, LOOP_CLR_FD) = 0 [pid 6307] close(4) = 0 [pid 6307] exit_group(0) = ? [pid 6307] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6307, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1279", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1279/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1279/binderfs") = 0 umount2("./1279/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1279/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1279/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1279/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1279/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1279/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1279") = 0 mkdir("./1280", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6308 ./strace-static-x86_64: Process 6308 attached [pid 6308] chdir("./1280") = 0 [pid 6308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6308] setpgid(0, 0) = 0 [pid 6308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 150.449454][ T6307] loop0: detected capacity change from 0 to 4096 [ 150.457982][ T6307] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6308] write(3, "1000", 4) = 4 [pid 6308] close(3) = 0 [pid 6308] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6308] memfd_create("syzkaller", 0) = 3 [pid 6308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6308] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6308] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6308] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6308] close(3) = 0 [pid 6308] mkdir("./file0", 0777) = 0 [pid 6308] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6308] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6308] chdir("./file0") = 0 [pid 6308] ioctl(4, LOOP_CLR_FD) = 0 [pid 6308] close(4) = 0 [pid 6308] exit_group(0) = ? [pid 6308] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6308, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1280", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1280/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1280/binderfs") = 0 umount2("./1280/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1280/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1280/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1280/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1280/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1280/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1280") = 0 mkdir("./1281", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6309 ./strace-static-x86_64: Process 6309 attached [pid 6309] chdir("./1281") = 0 [pid 6309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6309] setpgid(0, 0) = 0 [pid 6309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6309] write(3, "1000", 4) = 4 [pid 6309] close(3) = 0 [pid 6309] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6309] memfd_create("syzkaller", 0) = 3 [pid 6309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 150.535488][ T6308] loop0: detected capacity change from 0 to 4096 [ 150.544084][ T6308] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6309] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6309] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6309] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6309] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6309] close(3) = 0 [pid 6309] mkdir("./file0", 0777) = 0 [pid 6309] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6309] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6309] chdir("./file0") = 0 [pid 6309] ioctl(4, LOOP_CLR_FD) = 0 [pid 6309] close(4) = 0 [pid 6309] exit_group(0) = ? [pid 6309] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6309, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1281", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1281/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1281/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1281/binderfs") = 0 [ 150.613963][ T6309] loop0: detected capacity change from 0 to 4096 [ 150.622982][ T6309] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). umount2("./1281/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1281/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1281/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1281/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1281/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1281/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1281") = 0 mkdir("./1282", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6310 ./strace-static-x86_64: Process 6310 attached [pid 6310] chdir("./1282") = 0 [pid 6310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6310] setpgid(0, 0) = 0 [pid 6310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6310] write(3, "1000", 4) = 4 [pid 6310] close(3) = 0 [pid 6310] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6310] memfd_create("syzkaller", 0) = 3 [pid 6310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6310] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6310] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6310] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6310] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6310] close(3) = 0 [pid 6310] mkdir("./file0", 0777) = 0 [pid 6310] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6310] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6310] chdir("./file0") = 0 [pid 6310] ioctl(4, LOOP_CLR_FD) = 0 [pid 6310] close(4) = 0 [pid 6310] exit_group(0) = ? [pid 6310] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6310, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1282", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1282/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1282/binderfs") = 0 umount2("./1282/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1282/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1282/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1282/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1282/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1282/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1282") = 0 mkdir("./1283", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6311 attached , child_tidptr=0x5555568435d0) = 6311 [pid 6311] chdir("./1283") = 0 [pid 6311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6311] setpgid(0, 0) = 0 [pid 6311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6311] write(3, "1000", 4) = 4 [pid 6311] close(3) = 0 [pid 6311] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6311] memfd_create("syzkaller", 0) = 3 [pid 6311] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 150.704182][ T6310] loop0: detected capacity change from 0 to 4096 [ 150.712801][ T6310] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6311] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6311] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6311] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6311] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6311] close(3) = 0 [pid 6311] mkdir("./file0", 0777) = 0 [pid 6311] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6311] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6311] chdir("./file0") = 0 [pid 6311] ioctl(4, LOOP_CLR_FD) = 0 [pid 6311] close(4) = 0 [pid 6311] exit_group(0) = ? [pid 6311] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6311, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1283", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1283/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1283/binderfs") = 0 umount2("./1283/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1283/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1283/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1283/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1283/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1283/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1283") = 0 mkdir("./1284", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6312 ./strace-static-x86_64: Process 6312 attached [pid 6312] chdir("./1284") = 0 [pid 6312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6312] setpgid(0, 0) = 0 [pid 6312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6312] write(3, "1000", 4) = 4 [pid 6312] close(3) = 0 [pid 6312] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6312] memfd_create("syzkaller", 0) = 3 [pid 6312] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 150.788377][ T6311] loop0: detected capacity change from 0 to 4096 [ 150.796917][ T6311] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6312] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6312] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6312] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6312] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6312] close(3) = 0 [pid 6312] mkdir("./file0", 0777) = 0 [pid 6312] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6312] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6312] chdir("./file0") = 0 [pid 6312] ioctl(4, LOOP_CLR_FD) = 0 [pid 6312] close(4) = 0 [pid 6312] exit_group(0) = ? [pid 6312] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6312, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1284", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1284/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1284/binderfs") = 0 umount2("./1284/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1284/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1284/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1284/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1284/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1284/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1284") = 0 mkdir("./1285", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6313 attached , child_tidptr=0x5555568435d0) = 6313 [pid 6313] chdir("./1285") = 0 [pid 6313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6313] setpgid(0, 0) = 0 [pid 6313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6313] write(3, "1000", 4) = 4 [pid 6313] close(3) = 0 [pid 6313] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6313] memfd_create("syzkaller", 0) = 3 [pid 6313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 150.873107][ T6312] loop0: detected capacity change from 0 to 4096 [ 150.881401][ T6312] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6313] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6313] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6313] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6313] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6313] close(3) = 0 [pid 6313] mkdir("./file0", 0777) = 0 [pid 6313] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6313] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6313] chdir("./file0") = 0 [pid 6313] ioctl(4, LOOP_CLR_FD) = 0 [pid 6313] close(4) = 0 [pid 6313] exit_group(0) = ? [pid 6313] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6313, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1285", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1285/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1285/binderfs") = 0 umount2("./1285/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1285/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1285/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1285/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1285/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1285/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1285") = 0 mkdir("./1286", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6314 ./strace-static-x86_64: Process 6314 attached [ 150.953895][ T6313] loop0: detected capacity change from 0 to 4096 [ 150.962430][ T6313] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6314] chdir("./1286") = 0 [pid 6314] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6314] setpgid(0, 0) = 0 [pid 6314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6314] write(3, "1000", 4) = 4 [pid 6314] close(3) = 0 [pid 6314] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6314] memfd_create("syzkaller", 0) = 3 [pid 6314] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6314] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6314] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6314] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6314] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6314] close(3) = 0 [pid 6314] mkdir("./file0", 0777) = 0 [pid 6314] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6314] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6314] chdir("./file0") = 0 [pid 6314] ioctl(4, LOOP_CLR_FD) = 0 [pid 6314] close(4) = 0 [pid 6314] exit_group(0) = ? [pid 6314] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6314, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1286", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1286/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1286/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1286/binderfs") = 0 umount2("./1286/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1286/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1286/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1286/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1286/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1286/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1286") = 0 mkdir("./1287", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6315 ./strace-static-x86_64: Process 6315 attached [pid 6315] chdir("./1287") = 0 [pid 6315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6315] setpgid(0, 0) = 0 [pid 6315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6315] write(3, "1000", 4) = 4 [pid 6315] close(3) = 0 [pid 6315] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6315] memfd_create("syzkaller", 0) = 3 [pid 6315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 151.041460][ T6314] loop0: detected capacity change from 0 to 4096 [ 151.049766][ T6314] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6315] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6315] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6315] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6315] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6315] close(3) = 0 [pid 6315] mkdir("./file0", 0777) = 0 [pid 6315] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6315] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6315] chdir("./file0") = 0 [pid 6315] ioctl(4, LOOP_CLR_FD) = 0 [pid 6315] close(4) = 0 [pid 6315] exit_group(0) = ? [pid 6315] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6315, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1287", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1287/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1287/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1287/binderfs") = 0 umount2("./1287/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1287/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1287/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1287/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1287/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1287/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1287") = 0 mkdir("./1288", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6316 ./strace-static-x86_64: Process 6316 attached [pid 6316] chdir("./1288") = 0 [pid 6316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6316] setpgid(0, 0) = 0 [pid 6316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6316] write(3, "1000", 4) = 4 [pid 6316] close(3) = 0 [pid 6316] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6316] memfd_create("syzkaller", 0) = 3 [pid 6316] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 151.126668][ T6315] loop0: detected capacity change from 0 to 4096 [ 151.134887][ T6315] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6316] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6316] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6316] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6316] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6316] close(3) = 0 [pid 6316] mkdir("./file0", 0777) = 0 [pid 6316] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6316] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6316] chdir("./file0") = 0 [pid 6316] ioctl(4, LOOP_CLR_FD) = 0 [pid 6316] close(4) = 0 [pid 6316] exit_group(0) = ? [pid 6316] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6316, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1288", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1288/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1288/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1288/binderfs") = 0 umount2("./1288/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1288/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1288/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1288/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1288/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1288/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1288") = 0 mkdir("./1289", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6317 ./strace-static-x86_64: Process 6317 attached [pid 6317] chdir("./1289") = 0 [pid 6317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 151.210197][ T6316] loop0: detected capacity change from 0 to 4096 [ 151.219236][ T6316] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6317] setpgid(0, 0) = 0 [pid 6317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6317] write(3, "1000", 4) = 4 [pid 6317] close(3) = 0 [pid 6317] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6317] memfd_create("syzkaller", 0) = 3 [pid 6317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6317] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6317] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6317] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6317] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6317] close(3) = 0 [pid 6317] mkdir("./file0", 0777) = 0 [pid 6317] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6317] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6317] chdir("./file0") = 0 [pid 6317] ioctl(4, LOOP_CLR_FD) = 0 [pid 6317] close(4) = 0 [pid 6317] exit_group(0) = ? [pid 6317] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6317, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1289", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1289/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1289/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1289/binderfs") = 0 umount2("./1289/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1289/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1289/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1289/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1289/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1289/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1289") = 0 mkdir("./1290", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6318 ./strace-static-x86_64: Process 6318 attached [ 151.293505][ T6317] loop0: detected capacity change from 0 to 4096 [ 151.302011][ T6317] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6318] chdir("./1290") = 0 [pid 6318] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6318] setpgid(0, 0) = 0 [pid 6318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6318] write(3, "1000", 4) = 4 [pid 6318] close(3) = 0 [pid 6318] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6318] memfd_create("syzkaller", 0) = 3 [pid 6318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6318] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6318] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6318] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6318] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6318] close(3) = 0 [pid 6318] mkdir("./file0", 0777) = 0 [pid 6318] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6318] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6318] chdir("./file0") = 0 [pid 6318] ioctl(4, LOOP_CLR_FD) = 0 [pid 6318] close(4) = 0 [pid 6318] exit_group(0) = ? [pid 6318] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6318, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1290", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1290", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1290/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1290/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1290/binderfs") = 0 umount2("./1290/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1290/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1290/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1290/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1290/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1290/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1290") = 0 mkdir("./1291", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6319 ./strace-static-x86_64: Process 6319 attached [pid 6319] chdir("./1291") = 0 [pid 6319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6319] setpgid(0, 0) = 0 [pid 6319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6319] write(3, "1000", 4) = 4 [pid 6319] close(3) = 0 [pid 6319] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6319] memfd_create("syzkaller", 0) = 3 [pid 6319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 151.379901][ T6318] loop0: detected capacity change from 0 to 4096 [ 151.388402][ T6318] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6319] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6319] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6319] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6319] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6319] close(3) = 0 [pid 6319] mkdir("./file0", 0777) = 0 [pid 6319] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6319] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6319] chdir("./file0") = 0 [pid 6319] ioctl(4, LOOP_CLR_FD) = 0 [pid 6319] close(4) = 0 [pid 6319] exit_group(0) = ? [pid 6319] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6319, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1291", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1291", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1291/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1291/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1291/binderfs") = 0 umount2("./1291/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1291/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1291/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1291/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1291/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1291/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1291") = 0 mkdir("./1292", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6320 ./strace-static-x86_64: Process 6320 attached [pid 6320] chdir("./1292") = 0 [pid 6320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6320] setpgid(0, 0) = 0 [pid 6320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6320] write(3, "1000", 4) = 4 [pid 6320] close(3) = 0 [pid 6320] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6320] memfd_create("syzkaller", 0) = 3 [pid 6320] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 151.457552][ T6319] loop0: detected capacity change from 0 to 4096 [ 151.466402][ T6319] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6320] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6320] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6320] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6320] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6320] close(3) = 0 [pid 6320] mkdir("./file0", 0777) = 0 [pid 6320] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6320] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6320] chdir("./file0") = 0 [pid 6320] ioctl(4, LOOP_CLR_FD) = 0 [pid 6320] close(4) = 0 [pid 6320] exit_group(0) = ? [pid 6320] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6320, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1292", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1292", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1292/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1292/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1292/binderfs") = 0 umount2("./1292/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1292/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1292/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1292/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1292/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1292/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1292") = 0 mkdir("./1293", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 151.533469][ T6320] loop0: detected capacity change from 0 to 4096 [ 151.543224][ T6320] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6321 ./strace-static-x86_64: Process 6321 attached [pid 6321] chdir("./1293") = 0 [pid 6321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6321] setpgid(0, 0) = 0 [pid 6321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6321] write(3, "1000", 4) = 4 [pid 6321] close(3) = 0 [pid 6321] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6321] memfd_create("syzkaller", 0) = 3 [pid 6321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6321] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6321] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6321] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6321] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6321] close(3) = 0 [pid 6321] mkdir("./file0", 0777) = 0 [pid 6321] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6321] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6321] chdir("./file0") = 0 [pid 6321] ioctl(4, LOOP_CLR_FD) = 0 [pid 6321] close(4) = 0 [pid 6321] exit_group(0) = ? [pid 6321] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6321, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1293", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1293", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1293/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1293/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1293/binderfs") = 0 umount2("./1293/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1293/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1293/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1293/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1293/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1293/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1293") = 0 mkdir("./1294", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6322 ./strace-static-x86_64: Process 6322 attached [pid 6322] chdir("./1294") = 0 [pid 6322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6322] setpgid(0, 0) = 0 [pid 6322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6322] write(3, "1000", 4) = 4 [pid 6322] close(3) = 0 [pid 6322] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6322] memfd_create("syzkaller", 0) = 3 [pid 6322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 151.635156][ T6321] loop0: detected capacity change from 0 to 4096 [ 151.643668][ T6321] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6322] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6322] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6322] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6322] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6322] close(3) = 0 [pid 6322] mkdir("./file0", 0777) = 0 [pid 6322] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6322] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6322] chdir("./file0") = 0 [pid 6322] ioctl(4, LOOP_CLR_FD) = 0 [pid 6322] close(4) = 0 [pid 6322] exit_group(0) = ? [pid 6322] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6322, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1294", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1294", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1294/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1294/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1294/binderfs") = 0 umount2("./1294/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1294/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1294/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1294/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1294/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1294/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1294") = 0 mkdir("./1295", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 151.709770][ T6322] loop0: detected capacity change from 0 to 4096 [ 151.717941][ T6322] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6323 ./strace-static-x86_64: Process 6323 attached [pid 6323] chdir("./1295") = 0 [pid 6323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6323] setpgid(0, 0) = 0 [pid 6323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6323] write(3, "1000", 4) = 4 [pid 6323] close(3) = 0 [pid 6323] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6323] memfd_create("syzkaller", 0) = 3 [pid 6323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6323] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6323] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6323] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6323] close(3) = 0 [pid 6323] mkdir("./file0", 0777) = 0 [pid 6323] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6323] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6323] chdir("./file0") = 0 [pid 6323] ioctl(4, LOOP_CLR_FD) = 0 [pid 6323] close(4) = 0 [pid 6323] exit_group(0) = ? [pid 6323] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6323, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1295", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1295", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1295/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1295/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1295/binderfs") = 0 umount2("./1295/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1295/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1295/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1295/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1295/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1295/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1295") = 0 mkdir("./1296", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6324 ./strace-static-x86_64: Process 6324 attached [pid 6324] chdir("./1296") = 0 [pid 6324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6324] setpgid(0, 0) = 0 [pid 6324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6324] write(3, "1000", 4) = 4 [pid 6324] close(3) = 0 [pid 6324] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6324] memfd_create("syzkaller", 0) = 3 [ 151.800380][ T6323] loop0: detected capacity change from 0 to 4096 [ 151.810045][ T6323] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6324] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6324] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6324] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6324] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6324] close(3) = 0 [pid 6324] mkdir("./file0", 0777) = 0 [pid 6324] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6324] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6324] chdir("./file0") = 0 [pid 6324] ioctl(4, LOOP_CLR_FD) = 0 [pid 6324] close(4) = 0 [pid 6324] exit_group(0) = ? [pid 6324] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6324, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1296", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1296", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1296/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1296/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1296/binderfs") = 0 umount2("./1296/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1296/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1296/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1296/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1296/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1296/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1296") = 0 mkdir("./1297", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6325 ./strace-static-x86_64: Process 6325 attached [pid 6325] chdir("./1297") = 0 [pid 6325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6325] setpgid(0, 0) = 0 [pid 6325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6325] write(3, "1000", 4) = 4 [pid 6325] close(3) = 0 [pid 6325] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6325] memfd_create("syzkaller", 0) = 3 [pid 6325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 151.887326][ T6324] loop0: detected capacity change from 0 to 4096 [ 151.895773][ T6324] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6325] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6325] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6325] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6325] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6325] close(3) = 0 [pid 6325] mkdir("./file0", 0777) = 0 [pid 6325] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6325] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6325] chdir("./file0") = 0 [pid 6325] ioctl(4, LOOP_CLR_FD) = 0 [pid 6325] close(4) = 0 [pid 6325] exit_group(0) = ? [pid 6325] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6325, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1297", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1297", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1297/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1297/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1297/binderfs") = 0 umount2("./1297/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1297/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1297/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1297/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1297/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1297/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1297") = 0 mkdir("./1298", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 151.963752][ T6325] loop0: detected capacity change from 0 to 4096 [ 151.972589][ T6325] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6326 ./strace-static-x86_64: Process 6326 attached [pid 6326] chdir("./1298") = 0 [pid 6326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6326] setpgid(0, 0) = 0 [pid 6326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6326] write(3, "1000", 4) = 4 [pid 6326] close(3) = 0 [pid 6326] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6326] memfd_create("syzkaller", 0) = 3 [pid 6326] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6326] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6326] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6326] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6326] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6326] close(3) = 0 [pid 6326] mkdir("./file0", 0777) = 0 [pid 6326] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6326] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6326] chdir("./file0") = 0 [pid 6326] ioctl(4, LOOP_CLR_FD) = 0 [pid 6326] close(4) = 0 [pid 6326] exit_group(0) = ? [pid 6326] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6326, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1298", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1298", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1298/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1298/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1298/binderfs") = 0 umount2("./1298/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1298/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1298/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1298/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1298/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1298/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1298") = 0 mkdir("./1299", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6327 ./strace-static-x86_64: Process 6327 attached [pid 6327] chdir("./1299") = 0 [pid 6327] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6327] setpgid(0, 0) = 0 [pid 6327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 152.054163][ T6326] loop0: detected capacity change from 0 to 4096 [ 152.063347][ T6326] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6327] write(3, "1000", 4) = 4 [pid 6327] close(3) = 0 [pid 6327] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6327] memfd_create("syzkaller", 0) = 3 [pid 6327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6327] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6327] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6327] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6327] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6327] close(3) = 0 [pid 6327] mkdir("./file0", 0777) = 0 [pid 6327] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6327] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6327] chdir("./file0") = 0 [pid 6327] ioctl(4, LOOP_CLR_FD) = 0 [pid 6327] close(4) = 0 [pid 6327] exit_group(0) = ? [pid 6327] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6327, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1299", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1299", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1299/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1299/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1299/binderfs") = 0 umount2("./1299/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1299/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1299/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1299/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1299/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1299/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1299") = 0 mkdir("./1300", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6328 ./strace-static-x86_64: Process 6328 attached [pid 6328] chdir("./1300") = 0 [pid 6328] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6328] setpgid(0, 0) = 0 [pid 6328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6328] write(3, "1000", 4) = 4 [pid 6328] close(3) = 0 [pid 6328] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6328] memfd_create("syzkaller", 0) = 3 [pid 6328] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 152.140809][ T6327] loop0: detected capacity change from 0 to 4096 [ 152.150005][ T6327] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6328] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6328] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6328] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6328] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6328] close(3) = 0 [pid 6328] mkdir("./file0", 0777) = 0 [pid 6328] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6328] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6328] chdir("./file0") = 0 [pid 6328] ioctl(4, LOOP_CLR_FD) = 0 [pid 6328] close(4) = 0 [pid 6328] exit_group(0) = ? [pid 6328] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6328, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1300", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1300", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1300/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1300/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1300/binderfs") = 0 umount2("./1300/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1300/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1300/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1300/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1300/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1300/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1300") = 0 mkdir("./1301", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6329 ./strace-static-x86_64: Process 6329 attached [pid 6329] chdir("./1301") = 0 [pid 6329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6329] setpgid(0, 0) = 0 [pid 6329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6329] write(3, "1000", 4) = 4 [pid 6329] close(3) = 0 [pid 6329] symlink("/dev/binderfs", "./binderfs") = 0 [ 152.226822][ T6328] loop0: detected capacity change from 0 to 4096 [ 152.235046][ T6328] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6329] memfd_create("syzkaller", 0) = 3 [pid 6329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6329] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6329] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6329] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6329] close(3) = 0 [pid 6329] mkdir("./file0", 0777) = 0 [pid 6329] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6329] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6329] chdir("./file0") = 0 [pid 6329] ioctl(4, LOOP_CLR_FD) = 0 [pid 6329] close(4) = 0 [pid 6329] exit_group(0) = ? [pid 6329] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6329, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1301", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1301", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1301/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1301/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1301/binderfs") = 0 umount2("./1301/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1301/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1301/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1301/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1301/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1301/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1301") = 0 mkdir("./1302", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6330 ./strace-static-x86_64: Process 6330 attached [pid 6330] chdir("./1302") = 0 [pid 6330] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6330] setpgid(0, 0) = 0 [pid 6330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 152.310171][ T6329] loop0: detected capacity change from 0 to 4096 [ 152.319250][ T6329] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6330] write(3, "1000", 4) = 4 [pid 6330] close(3) = 0 [pid 6330] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6330] memfd_create("syzkaller", 0) = 3 [pid 6330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6330] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6330] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6330] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6330] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6330] close(3) = 0 [pid 6330] mkdir("./file0", 0777) = 0 [pid 6330] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6330] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6330] chdir("./file0") = 0 [pid 6330] ioctl(4, LOOP_CLR_FD) = 0 [pid 6330] close(4) = 0 [pid 6330] exit_group(0) = ? [pid 6330] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6330, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1302", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1302", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1302/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1302/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1302/binderfs") = 0 umount2("./1302/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1302/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1302/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1302/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1302/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1302/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1302") = 0 mkdir("./1303", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6331 ./strace-static-x86_64: Process 6331 attached [pid 6331] chdir("./1303") = 0 [pid 6331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6331] setpgid(0, 0) = 0 [pid 6331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6331] write(3, "1000", 4) = 4 [pid 6331] close(3) = 0 [pid 6331] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6331] memfd_create("syzkaller", 0) = 3 [pid 6331] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 152.397674][ T6330] loop0: detected capacity change from 0 to 4096 [ 152.406028][ T6330] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6331] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6331] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6331] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6331] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6331] close(3) = 0 [pid 6331] mkdir("./file0", 0777) = 0 [pid 6331] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6331] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6331] chdir("./file0") = 0 [pid 6331] ioctl(4, LOOP_CLR_FD) = 0 [pid 6331] close(4) = 0 [pid 6331] exit_group(0) = ? [pid 6331] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6331, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1303", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1303", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1303/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1303/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1303/binderfs") = 0 umount2("./1303/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1303/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1303/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1303/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1303/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1303/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1303") = 0 mkdir("./1304", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6332 ./strace-static-x86_64: Process 6332 attached [pid 6332] chdir("./1304") = 0 [pid 6332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6332] setpgid(0, 0) = 0 [pid 6332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6332] write(3, "1000", 4) = 4 [pid 6332] close(3) = 0 [pid 6332] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6332] memfd_create("syzkaller", 0) = 3 [ 152.466834][ T6331] loop0: detected capacity change from 0 to 4096 [ 152.475208][ T6331] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6332] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6332] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6332] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6332] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6332] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6332] close(3) = 0 [pid 6332] mkdir("./file0", 0777) = 0 [pid 6332] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6332] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6332] chdir("./file0") = 0 [pid 6332] ioctl(4, LOOP_CLR_FD) = 0 [pid 6332] close(4) = 0 [pid 6332] exit_group(0) = ? [pid 6332] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6332, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1304", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1304", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1304/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1304/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1304/binderfs") = 0 umount2("./1304/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1304/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1304/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1304/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1304/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1304/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1304") = 0 mkdir("./1305", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 152.551523][ T6332] loop0: detected capacity change from 0 to 4096 [ 152.560693][ T6332] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6333 ./strace-static-x86_64: Process 6333 attached [pid 6333] chdir("./1305") = 0 [pid 6333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6333] setpgid(0, 0) = 0 [pid 6333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6333] write(3, "1000", 4) = 4 [pid 6333] close(3) = 0 [pid 6333] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6333] memfd_create("syzkaller", 0) = 3 [pid 6333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6333] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6333] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6333] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6333] close(3) = 0 [pid 6333] mkdir("./file0", 0777) = 0 [pid 6333] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6333] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6333] chdir("./file0") = 0 [pid 6333] ioctl(4, LOOP_CLR_FD) = 0 [pid 6333] close(4) = 0 [pid 6333] exit_group(0) = ? [pid 6333] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6333, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1305", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1305", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1305/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1305/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1305/binderfs") = 0 umount2("./1305/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1305/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1305/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1305/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1305/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1305/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1305") = 0 mkdir("./1306", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6334 ./strace-static-x86_64: Process 6334 attached [pid 6334] chdir("./1306") = 0 [pid 6334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6334] setpgid(0, 0) = 0 [pid 6334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6334] write(3, "1000", 4) = 4 [pid 6334] close(3) = 0 [pid 6334] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6334] memfd_create("syzkaller", 0) = 3 [ 152.637211][ T6333] loop0: detected capacity change from 0 to 4096 [ 152.645687][ T6333] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6334] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6334] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6334] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6334] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6334] close(3) = 0 [pid 6334] mkdir("./file0", 0777) = 0 [pid 6334] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6334] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6334] chdir("./file0") = 0 [pid 6334] ioctl(4, LOOP_CLR_FD) = 0 [pid 6334] close(4) = 0 [pid 6334] exit_group(0) = ? [pid 6334] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6334, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1306", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1306", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1306/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1306/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1306/binderfs") = 0 umount2("./1306/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1306/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1306/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1306/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1306/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1306/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1306") = 0 mkdir("./1307", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 152.723648][ T6334] loop0: detected capacity change from 0 to 4096 [ 152.733719][ T6334] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6335 ./strace-static-x86_64: Process 6335 attached [pid 6335] chdir("./1307") = 0 [pid 6335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6335] setpgid(0, 0) = 0 [pid 6335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6335] write(3, "1000", 4) = 4 [pid 6335] close(3) = 0 [pid 6335] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6335] memfd_create("syzkaller", 0) = 3 [pid 6335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6335] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6335] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6335] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6335] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6335] close(3) = 0 [pid 6335] mkdir("./file0", 0777) = 0 [pid 6335] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6335] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6335] chdir("./file0") = 0 [pid 6335] ioctl(4, LOOP_CLR_FD) = 0 [pid 6335] close(4) = 0 [pid 6335] exit_group(0) = ? [pid 6335] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6335, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1307", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1307", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1307/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1307/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1307/binderfs") = 0 umount2("./1307/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1307/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1307/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1307/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1307/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1307/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1307") = 0 mkdir("./1308", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6336 ./strace-static-x86_64: Process 6336 attached [pid 6336] chdir("./1308") = 0 [pid 6336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6336] setpgid(0, 0) = 0 [pid 6336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 152.809536][ T6335] loop0: detected capacity change from 0 to 4096 [ 152.818648][ T6335] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6336] write(3, "1000", 4) = 4 [pid 6336] close(3) = 0 [pid 6336] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6336] memfd_create("syzkaller", 0) = 3 [pid 6336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6336] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6336] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6336] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6336] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6336] close(3) = 0 [pid 6336] mkdir("./file0", 0777) = 0 [pid 6336] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6336] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6336] chdir("./file0") = 0 [pid 6336] ioctl(4, LOOP_CLR_FD) = 0 [pid 6336] close(4) = 0 [pid 6336] exit_group(0) = ? [pid 6336] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6336, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1308", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1308", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1308/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1308/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1308/binderfs") = 0 umount2("./1308/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1308/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1308/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1308/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1308/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1308/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1308") = 0 mkdir("./1309", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 152.902006][ T6336] loop0: detected capacity change from 0 to 4096 [ 152.910363][ T6336] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6337 ./strace-static-x86_64: Process 6337 attached [pid 6337] chdir("./1309") = 0 [pid 6337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6337] setpgid(0, 0) = 0 [pid 6337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6337] write(3, "1000", 4) = 4 [pid 6337] close(3) = 0 [pid 6337] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6337] memfd_create("syzkaller", 0) = 3 [pid 6337] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6337] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6337] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6337] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6337] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6337] close(3) = 0 [pid 6337] mkdir("./file0", 0777) = 0 [pid 6337] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6337] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6337] chdir("./file0") = 0 [pid 6337] ioctl(4, LOOP_CLR_FD) = 0 [pid 6337] close(4) = 0 [pid 6337] exit_group(0) = ? [pid 6337] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6337, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1309", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1309", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1309/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1309/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1309/binderfs") = 0 umount2("./1309/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1309/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1309/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1309/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1309/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1309/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1309") = 0 mkdir("./1310", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 152.989630][ T6337] loop0: detected capacity change from 0 to 4096 [ 152.998375][ T6337] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6338 ./strace-static-x86_64: Process 6338 attached [pid 6338] chdir("./1310") = 0 [pid 6338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6338] setpgid(0, 0) = 0 [pid 6338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6338] write(3, "1000", 4) = 4 [pid 6338] close(3) = 0 [pid 6338] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6338] memfd_create("syzkaller", 0) = 3 [pid 6338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6338] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6338] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6338] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6338] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6338] close(3) = 0 [pid 6338] mkdir("./file0", 0777) = 0 [pid 6338] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6338] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6338] chdir("./file0") = 0 [pid 6338] ioctl(4, LOOP_CLR_FD) = 0 [pid 6338] close(4) = 0 [pid 6338] exit_group(0) = ? [pid 6338] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6338, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1310", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1310", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1310/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1310/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1310/binderfs") = 0 umount2("./1310/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1310/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1310/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1310/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1310/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1310/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1310") = 0 mkdir("./1311", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6339 ./strace-static-x86_64: Process 6339 attached [pid 6339] chdir("./1311") = 0 [pid 6339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6339] setpgid(0, 0) = 0 [pid 6339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6339] write(3, "1000", 4) = 4 [pid 6339] close(3) = 0 [pid 6339] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6339] memfd_create("syzkaller", 0) = 3 [pid 6339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 153.079516][ T6338] loop0: detected capacity change from 0 to 4096 [ 153.087965][ T6338] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6339] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6339] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6339] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6339] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6339] close(3) = 0 [pid 6339] mkdir("./file0", 0777) = 0 [pid 6339] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6339] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6339] chdir("./file0") = 0 [pid 6339] ioctl(4, LOOP_CLR_FD) = 0 [pid 6339] close(4) = 0 [pid 6339] exit_group(0) = ? [pid 6339] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6339, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1311", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1311", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1311/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1311/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1311/binderfs") = 0 umount2("./1311/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1311/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1311/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1311/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1311/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1311/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1311") = 0 mkdir("./1312", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 153.158627][ T6339] loop0: detected capacity change from 0 to 4096 [ 153.166861][ T6339] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6340 ./strace-static-x86_64: Process 6340 attached [pid 6340] chdir("./1312") = 0 [pid 6340] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6340] setpgid(0, 0) = 0 [pid 6340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6340] write(3, "1000", 4) = 4 [pid 6340] close(3) = 0 [pid 6340] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6340] memfd_create("syzkaller", 0) = 3 [pid 6340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6340] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6340] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6340] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6340] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6340] close(3) = 0 [pid 6340] mkdir("./file0", 0777) = 0 [pid 6340] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6340] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6340] chdir("./file0") = 0 [pid 6340] ioctl(4, LOOP_CLR_FD) = 0 [pid 6340] close(4) = 0 [pid 6340] exit_group(0) = ? [pid 6340] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6340, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1312", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1312", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1312/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1312/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1312/binderfs") = 0 umount2("./1312/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1312/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1312/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1312/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1312/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1312/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1312") = 0 mkdir("./1313", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6341 ./strace-static-x86_64: Process 6341 attached [pid 6341] chdir("./1313") = 0 [pid 6341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6341] setpgid(0, 0) = 0 [pid 6341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6341] write(3, "1000", 4) = 4 [pid 6341] close(3) = 0 [pid 6341] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6341] memfd_create("syzkaller", 0) = 3 [ 153.244787][ T6340] loop0: detected capacity change from 0 to 4096 [ 153.253228][ T6340] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6341] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6341] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6341] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6341] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6341] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6341] close(3) = 0 [pid 6341] mkdir("./file0", 0777) = 0 [pid 6341] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6341] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6341] chdir("./file0") = 0 [pid 6341] ioctl(4, LOOP_CLR_FD) = 0 [pid 6341] close(4) = 0 [pid 6341] exit_group(0) = ? [pid 6341] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6341, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1313", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1313", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1313/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1313/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1313/binderfs") = 0 umount2("./1313/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1313/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1313/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1313/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1313/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1313/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1313") = 0 mkdir("./1314", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 153.329570][ T6341] loop0: detected capacity change from 0 to 4096 [ 153.337896][ T6341] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6342 ./strace-static-x86_64: Process 6342 attached [pid 6342] chdir("./1314") = 0 [pid 6342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6342] setpgid(0, 0) = 0 [pid 6342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6342] write(3, "1000", 4) = 4 [pid 6342] close(3) = 0 [pid 6342] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6342] memfd_create("syzkaller", 0) = 3 [pid 6342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6342] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6342] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6342] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6342] close(3) = 0 [pid 6342] mkdir("./file0", 0777) = 0 [pid 6342] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6342] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6342] chdir("./file0") = 0 [pid 6342] ioctl(4, LOOP_CLR_FD) = 0 [pid 6342] close(4) = 0 [pid 6342] exit_group(0) = ? [pid 6342] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6342, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1314", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1314", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1314/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1314/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1314/binderfs") = 0 umount2("./1314/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1314/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1314/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1314/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1314/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1314/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1314") = 0 mkdir("./1315", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6343 ./strace-static-x86_64: Process 6343 attached [pid 6343] chdir("./1315") = 0 [pid 6343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6343] setpgid(0, 0) = 0 [pid 6343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6343] write(3, "1000", 4) = 4 [pid 6343] close(3) = 0 [pid 6343] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6343] memfd_create("syzkaller", 0) = 3 [pid 6343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 153.413932][ T6342] loop0: detected capacity change from 0 to 4096 [ 153.422465][ T6342] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6343] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6343] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6343] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6343] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6343] close(3) = 0 [pid 6343] mkdir("./file0", 0777) = 0 [pid 6343] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6343] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6343] chdir("./file0") = 0 [pid 6343] ioctl(4, LOOP_CLR_FD) = 0 [pid 6343] close(4) = 0 [pid 6343] exit_group(0) = ? [pid 6343] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6343, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1315", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1315", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1315/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1315/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1315/binderfs") = 0 umount2("./1315/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1315/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1315/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1315/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1315/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1315/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1315") = 0 mkdir("./1316", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6344 ./strace-static-x86_64: Process 6344 attached [pid 6344] chdir("./1316") = 0 [pid 6344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6344] setpgid(0, 0) = 0 [pid 6344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6344] write(3, "1000", 4) = 4 [pid 6344] close(3) = 0 [pid 6344] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6344] memfd_create("syzkaller", 0) = 3 [pid 6344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 153.497701][ T6343] loop0: detected capacity change from 0 to 4096 [ 153.507106][ T6343] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6344] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6344] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6344] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6344] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6344] close(3) = 0 [pid 6344] mkdir("./file0", 0777) = 0 [pid 6344] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6344] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6344] chdir("./file0") = 0 [pid 6344] ioctl(4, LOOP_CLR_FD) = 0 [pid 6344] close(4) = 0 [pid 6344] exit_group(0) = ? [pid 6344] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6344, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1316", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1316", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1316/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1316/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1316/binderfs") = 0 umount2("./1316/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1316/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1316/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1316/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1316/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1316/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1316") = 0 mkdir("./1317", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6345 ./strace-static-x86_64: Process 6345 attached [pid 6345] chdir("./1317") = 0 [pid 6345] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6345] setpgid(0, 0) = 0 [pid 6345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6345] write(3, "1000", 4) = 4 [pid 6345] close(3) = 0 [ 153.575400][ T6344] loop0: detected capacity change from 0 to 4096 [ 153.584284][ T6344] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6345] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6345] memfd_create("syzkaller", 0) = 3 [pid 6345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6345] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6345] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6345] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6345] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6345] close(3) = 0 [pid 6345] mkdir("./file0", 0777) = 0 [pid 6345] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6345] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6345] chdir("./file0") = 0 [pid 6345] ioctl(4, LOOP_CLR_FD) = 0 [pid 6345] close(4) = 0 [pid 6345] exit_group(0) = ? [pid 6345] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6345, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1317", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1317", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1317/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1317/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1317/binderfs") = 0 umount2("./1317/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1317/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1317/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1317/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1317/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1317/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1317") = 0 mkdir("./1318", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6346 attached , child_tidptr=0x5555568435d0) = 6346 [pid 6346] chdir("./1318") = 0 [pid 6346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6346] setpgid(0, 0) = 0 [pid 6346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6346] write(3, "1000", 4) = 4 [pid 6346] close(3) = 0 [ 153.658962][ T6345] loop0: detected capacity change from 0 to 4096 [ 153.667427][ T6345] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6346] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6346] memfd_create("syzkaller", 0) = 3 [pid 6346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6346] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6346] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6346] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6346] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6346] close(3) = 0 [pid 6346] mkdir("./file0", 0777) = 0 [pid 6346] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6346] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6346] chdir("./file0") = 0 [pid 6346] ioctl(4, LOOP_CLR_FD) = 0 [pid 6346] close(4) = 0 [pid 6346] exit_group(0) = ? [pid 6346] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6346, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1318", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1318", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1318/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1318/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1318/binderfs") = 0 umount2("./1318/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1318/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1318/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1318/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1318/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1318/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1318") = 0 mkdir("./1319", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6347 ./strace-static-x86_64: Process 6347 attached [pid 6347] chdir("./1319") = 0 [pid 6347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6347] setpgid(0, 0) = 0 [pid 6347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6347] write(3, "1000", 4) = 4 [pid 6347] close(3) = 0 [pid 6347] symlink("/dev/binderfs", "./binderfs") = 0 [ 153.741734][ T6346] loop0: detected capacity change from 0 to 4096 [ 153.750165][ T6346] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6347] memfd_create("syzkaller", 0) = 3 [pid 6347] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6347] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6347] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6347] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6347] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6347] close(3) = 0 [pid 6347] mkdir("./file0", 0777) = 0 [pid 6347] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6347] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6347] chdir("./file0") = 0 [pid 6347] ioctl(4, LOOP_CLR_FD) = 0 [pid 6347] close(4) = 0 [pid 6347] exit_group(0) = ? [pid 6347] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6347, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1319", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1319", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1319/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1319/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1319/binderfs") = 0 umount2("./1319/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1319/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1319/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1319/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1319/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1319/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1319") = 0 mkdir("./1320", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6348 ./strace-static-x86_64: Process 6348 attached [pid 6348] chdir("./1320") = 0 [pid 6348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6348] setpgid(0, 0) = 0 [pid 6348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6348] write(3, "1000", 4) = 4 [pid 6348] close(3) = 0 [pid 6348] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6348] memfd_create("syzkaller", 0) = 3 [pid 6348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 153.821817][ T6347] loop0: detected capacity change from 0 to 4096 [ 153.831094][ T6347] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6348] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6348] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6348] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6348] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6348] close(3) = 0 [pid 6348] mkdir("./file0", 0777) = 0 [pid 6348] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6348] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6348] chdir("./file0") = 0 [pid 6348] ioctl(4, LOOP_CLR_FD) = 0 [pid 6348] close(4) = 0 [pid 6348] exit_group(0) = ? [pid 6348] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6348, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1320", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1320", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1320/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1320/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1320/binderfs") = 0 umount2("./1320/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1320/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1320/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1320/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1320/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1320/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1320") = 0 mkdir("./1321", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6349 ./strace-static-x86_64: Process 6349 attached [pid 6349] chdir("./1321") = 0 [pid 6349] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6349] setpgid(0, 0) = 0 [pid 6349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6349] write(3, "1000", 4) = 4 [pid 6349] close(3) = 0 [pid 6349] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6349] memfd_create("syzkaller", 0) = 3 [pid 6349] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 153.906573][ T6348] loop0: detected capacity change from 0 to 4096 [ 153.914809][ T6348] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6349] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6349] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6349] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6349] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6349] close(3) = 0 [pid 6349] mkdir("./file0", 0777) = 0 [pid 6349] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6349] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6349] chdir("./file0") = 0 [pid 6349] ioctl(4, LOOP_CLR_FD) = 0 [pid 6349] close(4) = 0 [pid 6349] exit_group(0) = ? [pid 6349] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6349, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1321", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1321", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1321/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1321/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1321/binderfs") = 0 umount2("./1321/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1321/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1321/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1321/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1321/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1321/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1321") = 0 mkdir("./1322", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6350 ./strace-static-x86_64: Process 6350 attached [pid 6350] chdir("./1322") = 0 [pid 6350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6350] setpgid(0, 0) = 0 [ 153.990354][ T6349] loop0: detected capacity change from 0 to 4096 [ 153.999508][ T6349] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6350] write(3, "1000", 4) = 4 [pid 6350] close(3) = 0 [pid 6350] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6350] memfd_create("syzkaller", 0) = 3 [pid 6350] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6350] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6350] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6350] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6350] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6350] close(3) = 0 [pid 6350] mkdir("./file0", 0777) = 0 [pid 6350] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6350] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6350] chdir("./file0") = 0 [pid 6350] ioctl(4, LOOP_CLR_FD) = 0 [pid 6350] close(4) = 0 [pid 6350] exit_group(0) = ? [pid 6350] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6350, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1322", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1322", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1322/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1322/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1322/binderfs") = 0 umount2("./1322/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1322/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1322/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1322/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1322/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1322/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 [ 154.078335][ T6350] loop0: detected capacity change from 0 to 4096 [ 154.087294][ T6350] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 rmdir("./1322") = 0 mkdir("./1323", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6351 ./strace-static-x86_64: Process 6351 attached [pid 6351] chdir("./1323") = 0 [pid 6351] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6351] setpgid(0, 0) = 0 [pid 6351] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6351] write(3, "1000", 4) = 4 [pid 6351] close(3) = 0 [pid 6351] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6351] memfd_create("syzkaller", 0) = 3 [pid 6351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6351] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6351] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6351] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6351] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6351] close(3) = 0 [pid 6351] mkdir("./file0", 0777) = 0 [pid 6351] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6351] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6351] chdir("./file0") = 0 [pid 6351] ioctl(4, LOOP_CLR_FD) = 0 [pid 6351] close(4) = 0 [pid 6351] exit_group(0) = ? [pid 6351] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6351, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1323", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1323", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1323/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1323/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1323/binderfs") = 0 umount2("./1323/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1323/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1323/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1323/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1323/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1323/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1323") = 0 mkdir("./1324", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6352 ./strace-static-x86_64: Process 6352 attached [pid 6352] chdir("./1324") = 0 [pid 6352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6352] setpgid(0, 0) = 0 [pid 6352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6352] write(3, "1000", 4) = 4 [pid 6352] close(3) = 0 [pid 6352] symlink("/dev/binderfs", "./binderfs") = 0 [ 154.173965][ T6351] loop0: detected capacity change from 0 to 4096 [ 154.182633][ T6351] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6352] memfd_create("syzkaller", 0) = 3 [pid 6352] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6352] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6352] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6352] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6352] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6352] close(3) = 0 [pid 6352] mkdir("./file0", 0777) = 0 [pid 6352] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6352] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6352] chdir("./file0") = 0 [pid 6352] ioctl(4, LOOP_CLR_FD) = 0 [pid 6352] close(4) = 0 [pid 6352] exit_group(0) = ? [pid 6352] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6352, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1324", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1324", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1324/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1324/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1324/binderfs") = 0 umount2("./1324/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1324/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1324/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1324/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1324/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1324/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1324") = 0 mkdir("./1325", 0777) = 0 [ 154.258679][ T6352] loop0: detected capacity change from 0 to 4096 [ 154.267376][ T6352] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6353 attached , child_tidptr=0x5555568435d0) = 6353 [pid 6353] chdir("./1325") = 0 [pid 6353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6353] setpgid(0, 0) = 0 [pid 6353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6353] write(3, "1000", 4) = 4 [pid 6353] close(3) = 0 [pid 6353] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6353] memfd_create("syzkaller", 0) = 3 [pid 6353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6353] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6353] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6353] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6353] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6353] close(3) = 0 [pid 6353] mkdir("./file0", 0777) = 0 [pid 6353] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6353] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6353] chdir("./file0") = 0 [pid 6353] ioctl(4, LOOP_CLR_FD) = 0 [pid 6353] close(4) = 0 [pid 6353] exit_group(0) = ? [pid 6353] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6353, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1325", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1325", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1325/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1325/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1325/binderfs") = 0 umount2("./1325/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1325/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1325/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1325/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1325/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1325/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1325") = 0 mkdir("./1326", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6354 ./strace-static-x86_64: Process 6354 attached [pid 6354] chdir("./1326") = 0 [pid 6354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6354] setpgid(0, 0) = 0 [pid 6354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6354] write(3, "1000", 4) = 4 [pid 6354] close(3) = 0 [pid 6354] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6354] memfd_create("syzkaller", 0) = 3 [pid 6354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 154.346362][ T6353] loop0: detected capacity change from 0 to 4096 [ 154.354575][ T6353] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6354] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6354] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6354] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6354] close(3) = 0 [pid 6354] mkdir("./file0", 0777) = 0 [pid 6354] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6354] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6354] chdir("./file0") = 0 [pid 6354] ioctl(4, LOOP_CLR_FD) = 0 [pid 6354] close(4) = 0 [pid 6354] exit_group(0) = ? [pid 6354] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6354, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1326", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1326", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1326/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1326/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1326/binderfs") = 0 umount2("./1326/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1326/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1326/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1326/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1326/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1326/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1326") = 0 [ 154.424137][ T6354] loop0: detected capacity change from 0 to 4096 [ 154.433078][ T6354] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./1327", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6355 attached , child_tidptr=0x5555568435d0) = 6355 [pid 6355] chdir("./1327") = 0 [pid 6355] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6355] setpgid(0, 0) = 0 [pid 6355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6355] write(3, "1000", 4) = 4 [pid 6355] close(3) = 0 [pid 6355] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6355] memfd_create("syzkaller", 0) = 3 [pid 6355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6355] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6355] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6355] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6355] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6355] close(3) = 0 [pid 6355] mkdir("./file0", 0777) = 0 [pid 6355] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6355] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6355] chdir("./file0") = 0 [pid 6355] ioctl(4, LOOP_CLR_FD) = 0 [pid 6355] close(4) = 0 [pid 6355] exit_group(0) = ? [pid 6355] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6355, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1327", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1327", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1327/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1327/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1327/binderfs") = 0 umount2("./1327/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1327/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1327/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1327/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1327/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1327/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1327") = 0 mkdir("./1328", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 154.518703][ T6355] loop0: detected capacity change from 0 to 4096 [ 154.527204][ T6355] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6356 ./strace-static-x86_64: Process 6356 attached [pid 6356] chdir("./1328") = 0 [pid 6356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6356] setpgid(0, 0) = 0 [pid 6356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6356] write(3, "1000", 4) = 4 [pid 6356] close(3) = 0 [pid 6356] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6356] memfd_create("syzkaller", 0) = 3 [pid 6356] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6356] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6356] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6356] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6356] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6356] close(3) = 0 [pid 6356] mkdir("./file0", 0777) = 0 [pid 6356] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6356] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6356] chdir("./file0") = 0 [pid 6356] ioctl(4, LOOP_CLR_FD) = 0 [pid 6356] close(4) = 0 [pid 6356] exit_group(0) = ? [pid 6356] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6356, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1328", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1328", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1328/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1328/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1328/binderfs") = 0 umount2("./1328/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1328/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1328/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1328/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1328/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1328/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1328") = 0 mkdir("./1329", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6357 ./strace-static-x86_64: Process 6357 attached [pid 6357] chdir("./1329") = 0 [pid 6357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6357] setpgid(0, 0) = 0 [pid 6357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6357] write(3, "1000", 4) = 4 [pid 6357] close(3) = 0 [pid 6357] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6357] memfd_create("syzkaller", 0) = 3 [pid 6357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 154.604586][ T6356] loop0: detected capacity change from 0 to 4096 [ 154.612819][ T6356] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6357] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6357] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6357] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6357] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6357] close(3) = 0 [pid 6357] mkdir("./file0", 0777) = 0 [pid 6357] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6357] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6357] chdir("./file0") = 0 [pid 6357] ioctl(4, LOOP_CLR_FD) = 0 [pid 6357] close(4) = 0 [pid 6357] exit_group(0) = ? [pid 6357] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6357, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1329", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1329", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1329/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1329/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1329/binderfs") = 0 umount2("./1329/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1329/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1329/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1329/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1329/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1329/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1329") = 0 mkdir("./1330", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 154.681960][ T6357] loop0: detected capacity change from 0 to 4096 [ 154.690834][ T6357] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6358 ./strace-static-x86_64: Process 6358 attached [pid 6358] chdir("./1330") = 0 [pid 6358] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6358] setpgid(0, 0) = 0 [pid 6358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6358] write(3, "1000", 4) = 4 [pid 6358] close(3) = 0 [pid 6358] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6358] memfd_create("syzkaller", 0) = 3 [pid 6358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6358] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6358] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6358] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6358] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6358] close(3) = 0 [pid 6358] mkdir("./file0", 0777) = 0 [pid 6358] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6358] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6358] chdir("./file0") = 0 [pid 6358] ioctl(4, LOOP_CLR_FD) = 0 [pid 6358] close(4) = 0 [pid 6358] exit_group(0) = ? [pid 6358] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6358, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1330", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1330", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1330/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1330/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1330/binderfs") = 0 umount2("./1330/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1330/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1330/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1330/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1330/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1330/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1330") = 0 mkdir("./1331", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6359 ./strace-static-x86_64: Process 6359 attached [pid 6359] chdir("./1331") = 0 [pid 6359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6359] setpgid(0, 0) = 0 [pid 6359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6359] write(3, "1000", 4) = 4 [pid 6359] close(3) = 0 [pid 6359] symlink("/dev/binderfs", "./binderfs") = 0 [ 154.771761][ T6358] loop0: detected capacity change from 0 to 4096 [ 154.780218][ T6358] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6359] memfd_create("syzkaller", 0) = 3 [pid 6359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6359] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6359] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6359] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6359] close(3) = 0 [pid 6359] mkdir("./file0", 0777) = 0 [pid 6359] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6359] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6359] chdir("./file0") = 0 [pid 6359] ioctl(4, LOOP_CLR_FD) = 0 [pid 6359] close(4) = 0 [pid 6359] exit_group(0) = ? [pid 6359] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6359, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1331", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1331", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1331/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1331/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1331/binderfs") = 0 umount2("./1331/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1331/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1331/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1331/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1331/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1331/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1331") = 0 mkdir("./1332", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6360 ./strace-static-x86_64: Process 6360 attached [pid 6360] chdir("./1332") = 0 [ 154.850835][ T6359] loop0: detected capacity change from 0 to 4096 [ 154.859746][ T6359] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6360] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6360] setpgid(0, 0) = 0 [pid 6360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6360] write(3, "1000", 4) = 4 [pid 6360] close(3) = 0 [pid 6360] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6360] memfd_create("syzkaller", 0) = 3 [pid 6360] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6360] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6360] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6360] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6360] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6360] close(3) = 0 [pid 6360] mkdir("./file0", 0777) = 0 [pid 6360] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6360] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6360] chdir("./file0") = 0 [pid 6360] ioctl(4, LOOP_CLR_FD) = 0 [pid 6360] close(4) = 0 [pid 6360] exit_group(0) = ? [pid 6360] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6360, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1332", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1332", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1332/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1332/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1332/binderfs") = 0 umount2("./1332/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1332/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1332/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1332/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1332/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1332/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1332") = 0 mkdir("./1333", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6361 ./strace-static-x86_64: Process 6361 attached [pid 6361] chdir("./1333") = 0 [pid 6361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6361] setpgid(0, 0) = 0 [pid 6361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6361] write(3, "1000", 4) = 4 [pid 6361] close(3) = 0 [pid 6361] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6361] memfd_create("syzkaller", 0) = 3 [pid 6361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 154.947083][ T6360] loop0: detected capacity change from 0 to 4096 [ 154.955323][ T6360] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6361] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6361] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6361] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6361] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6361] close(3) = 0 [pid 6361] mkdir("./file0", 0777) = 0 [pid 6361] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6361] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6361] chdir("./file0") = 0 [pid 6361] ioctl(4, LOOP_CLR_FD) = 0 [pid 6361] close(4) = 0 [pid 6361] exit_group(0) = ? [pid 6361] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6361, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1333", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1333", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1333/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1333/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1333/binderfs") = 0 umount2("./1333/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1333/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1333/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1333/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1333/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1333/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1333") = 0 mkdir("./1334", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6362 ./strace-static-x86_64: Process 6362 attached [pid 6362] chdir("./1334") = 0 [pid 6362] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6362] setpgid(0, 0) = 0 [ 155.031123][ T6361] loop0: detected capacity change from 0 to 4096 [ 155.039681][ T6361] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6362] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6362] write(3, "1000", 4) = 4 [pid 6362] close(3) = 0 [pid 6362] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6362] memfd_create("syzkaller", 0) = 3 [pid 6362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6362] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6362] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6362] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6362] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6362] close(3) = 0 [pid 6362] mkdir("./file0", 0777) = 0 [pid 6362] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6362] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6362] chdir("./file0") = 0 [pid 6362] ioctl(4, LOOP_CLR_FD) = 0 [pid 6362] close(4) = 0 [pid 6362] exit_group(0) = ? [pid 6362] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6362, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1334", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1334", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1334/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1334/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1334/binderfs") = 0 umount2("./1334/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1334/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1334/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1334/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1334/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1334/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1334") = 0 mkdir("./1335", 0777) = 0 [ 155.119511][ T6362] loop0: detected capacity change from 0 to 4096 [ 155.128393][ T6362] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6363 ./strace-static-x86_64: Process 6363 attached [pid 6363] chdir("./1335") = 0 [pid 6363] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6363] setpgid(0, 0) = 0 [pid 6363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6363] write(3, "1000", 4) = 4 [pid 6363] close(3) = 0 [pid 6363] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6363] memfd_create("syzkaller", 0) = 3 [pid 6363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6363] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6363] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6363] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6363] close(3) = 0 [pid 6363] mkdir("./file0", 0777) = 0 [pid 6363] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6363] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6363] chdir("./file0") = 0 [pid 6363] ioctl(4, LOOP_CLR_FD) = 0 [pid 6363] close(4) = 0 [pid 6363] exit_group(0) = ? [pid 6363] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6363, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1335", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1335", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1335/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1335/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1335/binderfs") = 0 umount2("./1335/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1335/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1335/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1335/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1335/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1335/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1335") = 0 mkdir("./1336", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 155.212939][ T6363] loop0: detected capacity change from 0 to 4096 [ 155.221315][ T6363] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6364 attached , child_tidptr=0x5555568435d0) = 6364 [pid 6364] chdir("./1336") = 0 [pid 6364] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6364] setpgid(0, 0) = 0 [pid 6364] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6364] write(3, "1000", 4) = 4 [pid 6364] close(3) = 0 [pid 6364] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6364] memfd_create("syzkaller", 0) = 3 [pid 6364] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6364] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6364] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6364] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6364] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6364] close(3) = 0 [pid 6364] mkdir("./file0", 0777) = 0 [pid 6364] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6364] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6364] chdir("./file0") = 0 [pid 6364] ioctl(4, LOOP_CLR_FD) = 0 [pid 6364] close(4) = 0 [pid 6364] exit_group(0) = ? [pid 6364] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6364, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1336", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1336", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1336/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1336/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1336/binderfs") = 0 umount2("./1336/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1336/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1336/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1336/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1336/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1336/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1336") = 0 mkdir("./1337", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6365 ./strace-static-x86_64: Process 6365 attached [pid 6365] chdir("./1337") = 0 [ 155.300655][ T6364] loop0: detected capacity change from 0 to 4096 [ 155.308921][ T6364] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6365] setpgid(0, 0) = 0 [pid 6365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6365] write(3, "1000", 4) = 4 [pid 6365] close(3) = 0 [pid 6365] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6365] memfd_create("syzkaller", 0) = 3 [pid 6365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6365] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6365] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6365] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6365] close(3) = 0 [pid 6365] mkdir("./file0", 0777) = 0 [pid 6365] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6365] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6365] chdir("./file0") = 0 [pid 6365] ioctl(4, LOOP_CLR_FD) = 0 [pid 6365] close(4) = 0 [pid 6365] exit_group(0) = ? [pid 6365] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6365, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1337", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1337", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1337/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1337/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1337/binderfs") = 0 umount2("./1337/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1337/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1337/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1337/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1337/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 [ 155.388891][ T6365] loop0: detected capacity change from 0 to 4096 [ 155.397804][ T6365] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./1337/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1337") = 0 mkdir("./1338", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6366 ./strace-static-x86_64: Process 6366 attached [pid 6366] chdir("./1338") = 0 [pid 6366] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6366] setpgid(0, 0) = 0 [pid 6366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6366] write(3, "1000", 4) = 4 [pid 6366] close(3) = 0 [pid 6366] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6366] memfd_create("syzkaller", 0) = 3 [pid 6366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6366] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6366] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6366] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6366] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6366] close(3) = 0 [pid 6366] mkdir("./file0", 0777) = 0 [pid 6366] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6366] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6366] chdir("./file0") = 0 [pid 6366] ioctl(4, LOOP_CLR_FD) = 0 [pid 6366] close(4) = 0 [pid 6366] exit_group(0) = ? [pid 6366] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6366, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1338", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1338", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1338/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1338/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1338/binderfs") = 0 umount2("./1338/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1338/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1338/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1338/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1338/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1338/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1338") = 0 mkdir("./1339", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6367 ./strace-static-x86_64: Process 6367 attached [pid 6367] chdir("./1339") = 0 [pid 6367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6367] setpgid(0, 0) = 0 [ 155.485221][ T6366] loop0: detected capacity change from 0 to 4096 [ 155.494317][ T6366] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6367] write(3, "1000", 4) = 4 [pid 6367] close(3) = 0 [pid 6367] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6367] memfd_create("syzkaller", 0) = 3 [pid 6367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6367] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6367] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6367] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6367] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6367] close(3) = 0 [pid 6367] mkdir("./file0", 0777) = 0 [pid 6367] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6367] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6367] chdir("./file0") = 0 [pid 6367] ioctl(4, LOOP_CLR_FD) = 0 [pid 6367] close(4) = 0 [pid 6367] exit_group(0) = ? [pid 6367] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6367, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1339", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1339", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1339/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1339/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1339/binderfs") = 0 umount2("./1339/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1339/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1339/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1339/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1339/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1339/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1339") = 0 mkdir("./1340", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 155.572285][ T6367] loop0: detected capacity change from 0 to 4096 [ 155.580821][ T6367] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6368 ./strace-static-x86_64: Process 6368 attached [pid 6368] chdir("./1340") = 0 [pid 6368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6368] setpgid(0, 0) = 0 [pid 6368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6368] write(3, "1000", 4) = 4 [pid 6368] close(3) = 0 [pid 6368] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6368] memfd_create("syzkaller", 0) = 3 [pid 6368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6368] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6368] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6368] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6368] close(3) = 0 [pid 6368] mkdir("./file0", 0777) = 0 [pid 6368] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6368] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6368] chdir("./file0") = 0 [pid 6368] ioctl(4, LOOP_CLR_FD) = 0 [pid 6368] close(4) = 0 [pid 6368] exit_group(0) = ? [pid 6368] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6368, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1340", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1340", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1340/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1340/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1340/binderfs") = 0 umount2("./1340/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1340/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1340/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1340/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1340/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1340/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1340") = 0 mkdir("./1341", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6369 ./strace-static-x86_64: Process 6369 attached [pid 6369] chdir("./1341") = 0 [pid 6369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6369] setpgid(0, 0) = 0 [pid 6369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6369] write(3, "1000", 4) = 4 [pid 6369] close(3) = 0 [pid 6369] symlink("/dev/binderfs", "./binderfs") = 0 [ 155.658801][ T6368] loop0: detected capacity change from 0 to 4096 [ 155.667180][ T6368] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6369] memfd_create("syzkaller", 0) = 3 [pid 6369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6369] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6369] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6369] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6369] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6369] close(3) = 0 [pid 6369] mkdir("./file0", 0777) = 0 [pid 6369] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6369] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6369] chdir("./file0") = 0 [pid 6369] ioctl(4, LOOP_CLR_FD) = 0 [pid 6369] close(4) = 0 [pid 6369] exit_group(0) = ? [pid 6369] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6369, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1341", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1341", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1341/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1341/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1341/binderfs") = 0 umount2("./1341/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1341/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1341/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1341/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1341/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1341/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1341") = 0 mkdir("./1342", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6370 ./strace-static-x86_64: Process 6370 attached [pid 6370] chdir("./1342") = 0 [pid 6370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6370] setpgid(0, 0) = 0 [pid 6370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6370] write(3, "1000", 4) = 4 [pid 6370] close(3) = 0 [pid 6370] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6370] memfd_create("syzkaller", 0) = 3 [pid 6370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 155.740474][ T6369] loop0: detected capacity change from 0 to 4096 [ 155.748865][ T6369] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6370] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6370] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6370] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6370] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6370] close(3) = 0 [pid 6370] mkdir("./file0", 0777) = 0 [pid 6370] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6370] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6370] chdir("./file0") = 0 [pid 6370] ioctl(4, LOOP_CLR_FD) = 0 [pid 6370] close(4) = 0 [pid 6370] exit_group(0) = ? [pid 6370] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6370, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1342", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1342", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1342/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1342/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1342/binderfs") = 0 umount2("./1342/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1342/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1342/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1342/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1342/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1342/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1342") = 0 mkdir("./1343", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6371 ./strace-static-x86_64: Process 6371 attached [pid 6371] chdir("./1343") = 0 [pid 6371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6371] setpgid(0, 0) = 0 [pid 6371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6371] write(3, "1000", 4) = 4 [pid 6371] close(3) = 0 [pid 6371] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6371] memfd_create("syzkaller", 0) = 3 [pid 6371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 155.823045][ T6370] loop0: detected capacity change from 0 to 4096 [ 155.831219][ T6370] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6371] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6371] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6371] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6371] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6371] close(3) = 0 [pid 6371] mkdir("./file0", 0777) = 0 [pid 6371] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6371] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6371] chdir("./file0") = 0 [pid 6371] ioctl(4, LOOP_CLR_FD) = 0 [pid 6371] close(4) = 0 [pid 6371] exit_group(0) = ? [pid 6371] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6371, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1343", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1343", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1343/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1343/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1343/binderfs") = 0 umount2("./1343/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1343/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1343/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1343/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1343/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1343/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1343") = 0 mkdir("./1344", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6372 ./strace-static-x86_64: Process 6372 attached [pid 6372] chdir("./1344") = 0 [pid 6372] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6372] setpgid(0, 0) = 0 [pid 6372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6372] write(3, "1000", 4) = 4 [pid 6372] close(3) = 0 [ 155.898052][ T6371] loop0: detected capacity change from 0 to 4096 [ 155.906700][ T6371] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6372] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6372] memfd_create("syzkaller", 0) = 3 [pid 6372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6372] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6372] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6372] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6372] close(3) = 0 [pid 6372] mkdir("./file0", 0777) = 0 [pid 6372] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6372] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6372] chdir("./file0") = 0 [pid 6372] ioctl(4, LOOP_CLR_FD) = 0 [pid 6372] close(4) = 0 [pid 6372] exit_group(0) = ? [pid 6372] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6372, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1344", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1344", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1344/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1344/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1344/binderfs") = 0 umount2("./1344/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1344/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1344/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1344/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1344/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1344/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1344") = 0 mkdir("./1345", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6373 ./strace-static-x86_64: Process 6373 attached [pid 6373] chdir("./1345") = 0 [pid 6373] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6373] setpgid(0, 0) = 0 [pid 6373] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6373] write(3, "1000", 4) = 4 [pid 6373] close(3) = 0 [pid 6373] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6373] memfd_create("syzkaller", 0) = 3 [pid 6373] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 155.983276][ T6372] loop0: detected capacity change from 0 to 4096 [ 155.991607][ T6372] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6373] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6373] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6373] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6373] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6373] close(3) = 0 [pid 6373] mkdir("./file0", 0777) = 0 [pid 6373] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6373] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6373] chdir("./file0") = 0 [pid 6373] ioctl(4, LOOP_CLR_FD) = 0 [pid 6373] close(4) = 0 [pid 6373] exit_group(0) = ? [pid 6373] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6373, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1345", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1345", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1345/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1345/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1345/binderfs") = 0 umount2("./1345/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1345/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1345/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1345/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1345/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1345/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1345") = 0 mkdir("./1346", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 156.062658][ T6373] loop0: detected capacity change from 0 to 4096 [ 156.071201][ T6373] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6374 ./strace-static-x86_64: Process 6374 attached [pid 6374] chdir("./1346") = 0 [pid 6374] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6374] setpgid(0, 0) = 0 [pid 6374] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6374] write(3, "1000", 4) = 4 [pid 6374] close(3) = 0 [pid 6374] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6374] memfd_create("syzkaller", 0) = 3 [pid 6374] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6374] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6374] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6374] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6374] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6374] close(3) = 0 [pid 6374] mkdir("./file0", 0777) = 0 [pid 6374] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6374] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6374] chdir("./file0") = 0 [pid 6374] ioctl(4, LOOP_CLR_FD) = 0 [pid 6374] close(4) = 0 [pid 6374] exit_group(0) = ? [pid 6374] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6374, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1346", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1346", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1346/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1346/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1346/binderfs") = 0 umount2("./1346/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1346/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1346/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1346/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1346/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1346/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1346") = 0 mkdir("./1347", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 156.154260][ T6374] loop0: detected capacity change from 0 to 4096 [ 156.162875][ T6374] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6375 attached [pid 6375] chdir("./1347") = 0 [pid 6375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6375] setpgid(0, 0 [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6375 [pid 6375] <... setpgid resumed>) = 0 [pid 6375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6375] write(3, "1000", 4) = 4 [pid 6375] close(3) = 0 [pid 6375] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6375] memfd_create("syzkaller", 0) = 3 [pid 6375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6375] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6375] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6375] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6375] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6375] close(3) = 0 [pid 6375] mkdir("./file0", 0777) = 0 [pid 6375] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6375] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6375] chdir("./file0") = 0 [pid 6375] ioctl(4, LOOP_CLR_FD) = 0 [pid 6375] close(4) = 0 [pid 6375] exit_group(0) = ? [pid 6375] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6375, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1347", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1347", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1347/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1347/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1347/binderfs") = 0 umount2("./1347/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1347/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1347/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1347/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1347/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1347/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1347") = 0 mkdir("./1348", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6376 ./strace-static-x86_64: Process 6376 attached [pid 6376] chdir("./1348") = 0 [pid 6376] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6376] setpgid(0, 0) = 0 [pid 6376] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6376] write(3, "1000", 4) = 4 [pid 6376] close(3) = 0 [pid 6376] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6376] memfd_create("syzkaller", 0) = 3 [pid 6376] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 156.247126][ T6375] loop0: detected capacity change from 0 to 4096 [ 156.255456][ T6375] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6376] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6376] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6376] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6376] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6376] close(3) = 0 [pid 6376] mkdir("./file0", 0777) = 0 [pid 6376] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6376] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6376] chdir("./file0") = 0 [pid 6376] ioctl(4, LOOP_CLR_FD) = 0 [pid 6376] close(4) = 0 [pid 6376] exit_group(0) = ? [pid 6376] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6376, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1348", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1348", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1348/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1348/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1348/binderfs") = 0 umount2("./1348/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1348/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1348/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1348/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1348/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1348/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1348") = 0 mkdir("./1349", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 156.331196][ T6376] loop0: detected capacity change from 0 to 4096 [ 156.340235][ T6376] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6377 ./strace-static-x86_64: Process 6377 attached [pid 6377] chdir("./1349") = 0 [pid 6377] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6377] setpgid(0, 0) = 0 [pid 6377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6377] write(3, "1000", 4) = 4 [pid 6377] close(3) = 0 [pid 6377] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6377] memfd_create("syzkaller", 0) = 3 [pid 6377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6377] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6377] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6377] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6377] close(3) = 0 [pid 6377] mkdir("./file0", 0777) = 0 [pid 6377] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6377] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6377] chdir("./file0") = 0 [pid 6377] ioctl(4, LOOP_CLR_FD) = 0 [pid 6377] close(4) = 0 [pid 6377] exit_group(0) = ? [pid 6377] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6377, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1349", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1349", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1349/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1349/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1349/binderfs") = 0 umount2("./1349/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1349/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1349/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1349/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1349/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1349/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1349") = 0 mkdir("./1350", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6378 ./strace-static-x86_64: Process 6378 attached [pid 6378] chdir("./1350") = 0 [pid 6378] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6378] setpgid(0, 0) = 0 [pid 6378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6378] write(3, "1000", 4) = 4 [pid 6378] close(3) = 0 [pid 6378] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6378] memfd_create("syzkaller", 0) = 3 [pid 6378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 156.417320][ T6377] loop0: detected capacity change from 0 to 4096 [ 156.425648][ T6377] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6378] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6378] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6378] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6378] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6378] close(3) = 0 [pid 6378] mkdir("./file0", 0777) = 0 [pid 6378] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6378] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6378] chdir("./file0") = 0 [pid 6378] ioctl(4, LOOP_CLR_FD) = 0 [pid 6378] close(4) = 0 [pid 6378] exit_group(0) = ? [pid 6378] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6378, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1350", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1350", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1350/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1350/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1350/binderfs") = 0 umount2("./1350/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1350/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1350/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1350/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1350/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1350/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1350") = 0 mkdir("./1351", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6379 ./strace-static-x86_64: Process 6379 attached [pid 6379] chdir("./1351") = 0 [pid 6379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6379] setpgid(0, 0) = 0 [pid 6379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6379] write(3, "1000", 4) = 4 [pid 6379] close(3) = 0 [pid 6379] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6379] memfd_create("syzkaller", 0) = 3 [pid 6379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 156.492781][ T6378] loop0: detected capacity change from 0 to 4096 [ 156.502102][ T6378] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6379] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6379] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6379] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6379] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6379] close(3) = 0 [pid 6379] mkdir("./file0", 0777) = 0 [pid 6379] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6379] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6379] chdir("./file0") = 0 [pid 6379] ioctl(4, LOOP_CLR_FD) = 0 [pid 6379] close(4) = 0 [pid 6379] exit_group(0) = ? [pid 6379] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6379, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- umount2("./1351", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1351", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1351/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1351/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1351/binderfs") = 0 umount2("./1351/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1351/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1351/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1351/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1351/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 [ 156.570440][ T6379] loop0: detected capacity change from 0 to 4096 [ 156.579787][ T6379] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(4) = 0 rmdir("./1351/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1351") = 0 mkdir("./1352", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6380 ./strace-static-x86_64: Process 6380 attached [pid 6380] chdir("./1352") = 0 [pid 6380] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6380] setpgid(0, 0) = 0 [pid 6380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6380] write(3, "1000", 4) = 4 [pid 6380] close(3) = 0 [pid 6380] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6380] memfd_create("syzkaller", 0) = 3 [pid 6380] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6380] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6380] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6380] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6380] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6380] close(3) = 0 [pid 6380] mkdir("./file0", 0777) = 0 [pid 6380] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6380] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6380] chdir("./file0") = 0 [pid 6380] ioctl(4, LOOP_CLR_FD) = 0 [pid 6380] close(4) = 0 [pid 6380] exit_group(0) = ? [pid 6380] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6380, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1352", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1352", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1352/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1352/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1352/binderfs") = 0 umount2("./1352/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1352/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1352/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1352/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1352/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1352/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1352") = 0 mkdir("./1353", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6381 attached [pid 6381] chdir("./1353") = 0 [pid 6381] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6381] setpgid(0, 0) = 0 [pid 6381] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6381 [pid 6381] <... openat resumed>) = 3 [pid 6381] write(3, "1000", 4) = 4 [pid 6381] close(3) = 0 [pid 6381] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6381] memfd_create("syzkaller", 0) = 3 [pid 6381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 156.667477][ T6380] loop0: detected capacity change from 0 to 4096 [ 156.676812][ T6380] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6381] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6381] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6381] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6381] close(3) = 0 [pid 6381] mkdir("./file0", 0777) = 0 [pid 6381] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6381] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6381] chdir("./file0") = 0 [pid 6381] ioctl(4, LOOP_CLR_FD) = 0 [pid 6381] close(4) = 0 [pid 6381] exit_group(0) = ? [pid 6381] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6381, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1353", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1353", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1353/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1353/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1353/binderfs") = 0 umount2("./1353/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1353/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1353/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1353/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1353/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1353/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 [ 156.745813][ T6381] loop0: detected capacity change from 0 to 4096 [ 156.754669][ T6381] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 rmdir("./1353") = 0 mkdir("./1354", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6382 attached , child_tidptr=0x5555568435d0) = 6382 [pid 6382] chdir("./1354") = 0 [pid 6382] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6382] setpgid(0, 0) = 0 [pid 6382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6382] write(3, "1000", 4) = 4 [pid 6382] close(3) = 0 [pid 6382] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6382] memfd_create("syzkaller", 0) = 3 [pid 6382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6382] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6382] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6382] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6382] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6382] close(3) = 0 [pid 6382] mkdir("./file0", 0777) = 0 [pid 6382] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6382] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6382] chdir("./file0") = 0 [pid 6382] ioctl(4, LOOP_CLR_FD) = 0 [pid 6382] close(4) = 0 [pid 6382] exit_group(0) = ? [pid 6382] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6382, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1354", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1354", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1354/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1354/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1354/binderfs") = 0 umount2("./1354/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1354/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1354/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1354/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1354/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1354/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1354") = 0 mkdir("./1355", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6383 ./strace-static-x86_64: Process 6383 attached [pid 6383] chdir("./1355") = 0 [pid 6383] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6383] setpgid(0, 0) = 0 [pid 6383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6383] write(3, "1000", 4) = 4 [pid 6383] close(3) = 0 [pid 6383] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6383] memfd_create("syzkaller", 0) = 3 [ 156.837183][ T6382] loop0: detected capacity change from 0 to 4096 [ 156.845396][ T6382] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6383] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6383] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6383] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6383] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6383] close(3) = 0 [pid 6383] mkdir("./file0", 0777) = 0 [pid 6383] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6383] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6383] chdir("./file0") = 0 [pid 6383] ioctl(4, LOOP_CLR_FD) = 0 [pid 6383] close(4) = 0 [pid 6383] exit_group(0) = ? [pid 6383] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6383, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1355", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1355", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1355/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1355/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1355/binderfs") = 0 umount2("./1355/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1355/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1355/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1355/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1355/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1355/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1355") = 0 mkdir("./1356", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6384 ./strace-static-x86_64: Process 6384 attached [pid 6384] chdir("./1356") = 0 [pid 6384] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6384] setpgid(0, 0) = 0 [pid 6384] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6384] write(3, "1000", 4) = 4 [pid 6384] close(3) = 0 [pid 6384] symlink("/dev/binderfs", "./binderfs") = 0 [ 156.917234][ T6383] loop0: detected capacity change from 0 to 4096 [ 156.925775][ T6383] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6384] memfd_create("syzkaller", 0) = 3 [pid 6384] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6384] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6384] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6384] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6384] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6384] close(3) = 0 [pid 6384] mkdir("./file0", 0777) = 0 [pid 6384] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6384] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6384] chdir("./file0") = 0 [pid 6384] ioctl(4, LOOP_CLR_FD) = 0 [pid 6384] close(4) = 0 [pid 6384] exit_group(0) = ? [pid 6384] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6384, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1356", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1356", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1356/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1356/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1356/binderfs") = 0 umount2("./1356/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1356/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1356/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1356/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1356/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1356/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1356") = 0 mkdir("./1357", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6385 ./strace-static-x86_64: Process 6385 attached [ 157.003312][ T6384] loop0: detected capacity change from 0 to 4096 [ 157.012097][ T6384] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6385] chdir("./1357") = 0 [pid 6385] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6385] setpgid(0, 0) = 0 [pid 6385] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6385] write(3, "1000", 4) = 4 [pid 6385] close(3) = 0 [pid 6385] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6385] memfd_create("syzkaller", 0) = 3 [pid 6385] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6385] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6385] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6385] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6385] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6385] close(3) = 0 [pid 6385] mkdir("./file0", 0777) = 0 [pid 6385] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6385] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6385] chdir("./file0") = 0 [pid 6385] ioctl(4, LOOP_CLR_FD) = 0 [pid 6385] close(4) = 0 [pid 6385] exit_group(0) = ? [pid 6385] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6385, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1357", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1357", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1357/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1357/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1357/binderfs") = 0 umount2("./1357/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1357/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1357/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1357/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1357/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1357/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1357") = 0 mkdir("./1358", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 157.091319][ T6385] loop0: detected capacity change from 0 to 4096 [ 157.099710][ T6385] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6386 attached , child_tidptr=0x5555568435d0) = 6386 [pid 6386] chdir("./1358") = 0 [pid 6386] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6386] setpgid(0, 0) = 0 [pid 6386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6386] write(3, "1000", 4) = 4 [pid 6386] close(3) = 0 [pid 6386] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6386] memfd_create("syzkaller", 0) = 3 [pid 6386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6386] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6386] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6386] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6386] close(3) = 0 [pid 6386] mkdir("./file0", 0777) = 0 [pid 6386] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6386] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6386] chdir("./file0") = 0 [pid 6386] ioctl(4, LOOP_CLR_FD) = 0 [pid 6386] close(4) = 0 [pid 6386] exit_group(0) = ? [pid 6386] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6386, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1358", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1358", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1358/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1358/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1358/binderfs") = 0 umount2("./1358/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1358/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1358/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1358/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1358/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1358/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1358") = 0 mkdir("./1359", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6387 ./strace-static-x86_64: Process 6387 attached [pid 6387] chdir("./1359") = 0 [pid 6387] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6387] setpgid(0, 0) = 0 [pid 6387] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6387] write(3, "1000", 4) = 4 [pid 6387] close(3) = 0 [pid 6387] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6387] memfd_create("syzkaller", 0) = 3 [pid 6387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 157.180755][ T6386] loop0: detected capacity change from 0 to 4096 [ 157.189620][ T6386] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6387] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6387] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6387] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6387] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6387] close(3) = 0 [pid 6387] mkdir("./file0", 0777) = 0 [pid 6387] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6387] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6387] chdir("./file0") = 0 [pid 6387] ioctl(4, LOOP_CLR_FD) = 0 [pid 6387] close(4) = 0 [pid 6387] exit_group(0) = ? [pid 6387] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6387, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1359", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1359", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1359/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1359/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1359/binderfs") = 0 umount2("./1359/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1359/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1359/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1359/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1359/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1359/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1359") = 0 mkdir("./1360", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6388 ./strace-static-x86_64: Process 6388 attached [pid 6388] chdir("./1360") = 0 [pid 6388] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6388] setpgid(0, 0) = 0 [pid 6388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6388] write(3, "1000", 4) = 4 [pid 6388] close(3) = 0 [pid 6388] symlink("/dev/binderfs", "./binderfs") = 0 [ 157.264091][ T6387] loop0: detected capacity change from 0 to 4096 [ 157.272902][ T6387] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6388] memfd_create("syzkaller", 0) = 3 [pid 6388] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6388] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6388] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6388] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6388] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6388] close(3) = 0 [pid 6388] mkdir("./file0", 0777) = 0 [pid 6388] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6388] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6388] chdir("./file0") = 0 [pid 6388] ioctl(4, LOOP_CLR_FD) = 0 [pid 6388] close(4) = 0 [pid 6388] exit_group(0) = ? [pid 6388] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6388, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1360", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1360", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1360/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1360/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1360/binderfs") = 0 umount2("./1360/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1360/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1360/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1360/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1360/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1360/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1360") = 0 mkdir("./1361", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 157.347620][ T6388] loop0: detected capacity change from 0 to 4096 [ 157.356388][ T6388] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6389 attached , child_tidptr=0x5555568435d0) = 6389 [pid 6389] chdir("./1361") = 0 [pid 6389] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6389] setpgid(0, 0) = 0 [pid 6389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6389] write(3, "1000", 4) = 4 [pid 6389] close(3) = 0 [pid 6389] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6389] memfd_create("syzkaller", 0) = 3 [pid 6389] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6389] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6389] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6389] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6389] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6389] close(3) = 0 [pid 6389] mkdir("./file0", 0777) = 0 [pid 6389] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6389] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6389] chdir("./file0") = 0 [pid 6389] ioctl(4, LOOP_CLR_FD) = 0 [pid 6389] close(4) = 0 [pid 6389] exit_group(0) = ? [pid 6389] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6389, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1361", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1361", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1361/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1361/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1361/binderfs") = 0 umount2("./1361/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1361/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1361/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1361/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1361/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1361/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1361") = 0 mkdir("./1362", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6390 ./strace-static-x86_64: Process 6390 attached [ 157.438355][ T6389] loop0: detected capacity change from 0 to 4096 [ 157.447257][ T6389] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6390] chdir("./1362") = 0 [pid 6390] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6390] setpgid(0, 0) = 0 [pid 6390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6390] write(3, "1000", 4) = 4 [pid 6390] close(3) = 0 [pid 6390] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6390] memfd_create("syzkaller", 0) = 3 [pid 6390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6390] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6390] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6390] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6390] close(3) = 0 [pid 6390] mkdir("./file0", 0777) = 0 [pid 6390] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6390] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6390] chdir("./file0") = 0 [pid 6390] ioctl(4, LOOP_CLR_FD) = 0 [pid 6390] close(4) = 0 [pid 6390] exit_group(0) = ? [pid 6390] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6390, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1362", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1362", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1362/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1362/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1362/binderfs") = 0 umount2("./1362/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1362/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1362/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1362/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1362/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1362/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1362") = 0 mkdir("./1363", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6391 ./strace-static-x86_64: Process 6391 attached [pid 6391] chdir("./1363") = 0 [pid 6391] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6391] setpgid(0, 0) = 0 [pid 6391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6391] write(3, "1000", 4) = 4 [pid 6391] close(3) = 0 [pid 6391] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6391] memfd_create("syzkaller", 0) = 3 [pid 6391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 157.525081][ T6390] loop0: detected capacity change from 0 to 4096 [ 157.534037][ T6390] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6391] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6391] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6391] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6391] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6391] close(3) = 0 [pid 6391] mkdir("./file0", 0777) = 0 [pid 6391] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6391] chdir("./file0") = 0 [pid 6391] ioctl(4, LOOP_CLR_FD) = 0 [pid 6391] close(4) = 0 [pid 6391] exit_group(0) = ? [pid 6391] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6391, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1363", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1363", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1363/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1363/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1363/binderfs") = 0 umount2("./1363/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1363/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1363/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1363/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1363/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1363/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1363") = 0 mkdir("./1364", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6392 ./strace-static-x86_64: Process 6392 attached [pid 6392] chdir("./1364") = 0 [pid 6392] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6392] setpgid(0, 0) = 0 [pid 6392] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6392] write(3, "1000", 4) = 4 [pid 6392] close(3) = 0 [pid 6392] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6392] memfd_create("syzkaller", 0) = 3 [pid 6392] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 157.608574][ T6391] loop0: detected capacity change from 0 to 4096 [ 157.616819][ T6391] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6392] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6392] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6392] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6392] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6392] close(3) = 0 [pid 6392] mkdir("./file0", 0777) = 0 [pid 6392] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6392] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6392] chdir("./file0") = 0 [pid 6392] ioctl(4, LOOP_CLR_FD) = 0 [pid 6392] close(4) = 0 [pid 6392] exit_group(0) = ? [pid 6392] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6392, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1364", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1364", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1364/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1364/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1364/binderfs") = 0 umount2("./1364/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1364/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1364/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1364/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1364/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1364/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1364") = 0 mkdir("./1365", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 157.687252][ T6392] loop0: detected capacity change from 0 to 4096 [ 157.695427][ T6392] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6393 ./strace-static-x86_64: Process 6393 attached [pid 6393] chdir("./1365") = 0 [pid 6393] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6393] setpgid(0, 0) = 0 [pid 6393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6393] write(3, "1000", 4) = 4 [pid 6393] close(3) = 0 [pid 6393] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6393] memfd_create("syzkaller", 0) = 3 [pid 6393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6393] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6393] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6393] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6393] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6393] close(3) = 0 [pid 6393] mkdir("./file0", 0777) = 0 [pid 6393] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6393] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6393] chdir("./file0") = 0 [pid 6393] ioctl(4, LOOP_CLR_FD) = 0 [pid 6393] close(4) = 0 [pid 6393] exit_group(0) = ? [pid 6393] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6393, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1365", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1365", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1365/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1365/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1365/binderfs") = 0 umount2("./1365/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1365/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1365/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1365/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1365/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1365/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1365") = 0 mkdir("./1366", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6394 ./strace-static-x86_64: Process 6394 attached [pid 6394] chdir("./1366") = 0 [pid 6394] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6394] setpgid(0, 0) = 0 [pid 6394] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6394] write(3, "1000", 4) = 4 [pid 6394] close(3) = 0 [pid 6394] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6394] memfd_create("syzkaller", 0) = 3 [pid 6394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 157.771932][ T6393] loop0: detected capacity change from 0 to 4096 [ 157.780884][ T6393] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6394] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6394] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6394] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6394] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6394] close(3) = 0 [pid 6394] mkdir("./file0", 0777) = 0 [pid 6394] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6394] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6394] chdir("./file0") = 0 [pid 6394] ioctl(4, LOOP_CLR_FD) = 0 [pid 6394] close(4) = 0 [pid 6394] exit_group(0) = ? [pid 6394] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6394, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1366", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1366", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1366/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1366/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1366/binderfs") = 0 umount2("./1366/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1366/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1366/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1366/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1366/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1366/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1366") = 0 mkdir("./1367", 0777) = 0 [ 157.854006][ T6394] loop0: detected capacity change from 0 to 4096 [ 157.863069][ T6394] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6395 ./strace-static-x86_64: Process 6395 attached [pid 6395] chdir("./1367") = 0 [pid 6395] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6395] setpgid(0, 0) = 0 [pid 6395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6395] write(3, "1000", 4) = 4 [pid 6395] close(3) = 0 [pid 6395] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6395] memfd_create("syzkaller", 0) = 3 [pid 6395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6395] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6395] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6395] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6395] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6395] close(3) = 0 [pid 6395] mkdir("./file0", 0777) = 0 [pid 6395] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6395] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6395] chdir("./file0") = 0 [pid 6395] ioctl(4, LOOP_CLR_FD) = 0 [pid 6395] close(4) = 0 [pid 6395] exit_group(0) = ? [pid 6395] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6395, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1367", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1367", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1367/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1367/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1367/binderfs") = 0 umount2("./1367/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1367/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1367/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1367/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1367/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1367/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1367") = 0 mkdir("./1368", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6396 ./strace-static-x86_64: Process 6396 attached [pid 6396] chdir("./1368") = 0 [pid 6396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6396] setpgid(0, 0) = 0 [pid 6396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6396] write(3, "1000", 4) = 4 [pid 6396] close(3) = 0 [pid 6396] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6396] memfd_create("syzkaller", 0) = 3 [pid 6396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 157.945482][ T6395] loop0: detected capacity change from 0 to 4096 [ 157.954098][ T6395] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6396] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6396] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6396] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6396] close(3) = 0 [pid 6396] mkdir("./file0", 0777) = 0 [pid 6396] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6396] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6396] chdir("./file0") = 0 [pid 6396] ioctl(4, LOOP_CLR_FD) = 0 [pid 6396] close(4) = 0 [pid 6396] exit_group(0) = ? [pid 6396] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6396, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1368", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1368", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1368/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1368/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1368/binderfs") = 0 umount2("./1368/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1368/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1368/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1368/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1368/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1368/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1368") = 0 mkdir("./1369", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6397 ./strace-static-x86_64: Process 6397 attached [pid 6397] chdir("./1369") = 0 [pid 6397] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6397] setpgid(0, 0) = 0 [pid 6397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6397] write(3, "1000", 4) = 4 [pid 6397] close(3) = 0 [pid 6397] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6397] memfd_create("syzkaller", 0) = 3 [pid 6397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 158.031146][ T6396] loop0: detected capacity change from 0 to 4096 [ 158.040481][ T6396] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6397] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6397] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6397] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6397] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6397] close(3) = 0 [pid 6397] mkdir("./file0", 0777) = 0 [pid 6397] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6397] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6397] chdir("./file0") = 0 [pid 6397] ioctl(4, LOOP_CLR_FD) = 0 [pid 6397] close(4) = 0 [pid 6397] exit_group(0) = ? [pid 6397] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6397, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1369", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1369", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1369/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1369/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1369/binderfs") = 0 umount2("./1369/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1369/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1369/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1369/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1369/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1369/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1369") = 0 mkdir("./1370", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6398 ./strace-static-x86_64: Process 6398 attached [pid 6398] chdir("./1370") = 0 [pid 6398] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6398] setpgid(0, 0) = 0 [pid 6398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6398] write(3, "1000", 4) = 4 [pid 6398] close(3) = 0 [pid 6398] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6398] memfd_create("syzkaller", 0) = 3 [pid 6398] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 158.109400][ T6397] loop0: detected capacity change from 0 to 4096 [ 158.118627][ T6397] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6398] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6398] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6398] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6398] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6398] close(3) = 0 [pid 6398] mkdir("./file0", 0777) = 0 [pid 6398] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6398] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6398] chdir("./file0") = 0 [pid 6398] ioctl(4, LOOP_CLR_FD) = 0 [pid 6398] close(4) = 0 [pid 6398] exit_group(0) = ? [pid 6398] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6398, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1370", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1370", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1370/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1370/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1370/binderfs") = 0 umount2("./1370/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1370/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1370/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1370/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1370/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1370/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1370") = 0 mkdir("./1371", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6399 ./strace-static-x86_64: Process 6399 attached [pid 6399] chdir("./1371") = 0 [pid 6399] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6399] setpgid(0, 0) = 0 [pid 6399] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 158.190888][ T6398] loop0: detected capacity change from 0 to 4096 [ 158.200179][ T6398] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6399] write(3, "1000", 4) = 4 [pid 6399] close(3) = 0 [pid 6399] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6399] memfd_create("syzkaller", 0) = 3 [pid 6399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6399] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6399] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6399] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6399] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6399] close(3) = 0 [pid 6399] mkdir("./file0", 0777) = 0 [pid 6399] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6399] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6399] chdir("./file0") = 0 [pid 6399] ioctl(4, LOOP_CLR_FD) = 0 [pid 6399] close(4) = 0 [pid 6399] exit_group(0) = ? [pid 6399] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6399, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1371", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1371", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1371/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1371/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1371/binderfs") = 0 umount2("./1371/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1371/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1371/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1371/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1371/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1371/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1371") = 0 mkdir("./1372", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 158.274378][ T6399] loop0: detected capacity change from 0 to 4096 [ 158.284139][ T6399] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6400 ./strace-static-x86_64: Process 6400 attached [pid 6400] chdir("./1372") = 0 [pid 6400] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6400] setpgid(0, 0) = 0 [pid 6400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6400] write(3, "1000", 4) = 4 [pid 6400] close(3) = 0 [pid 6400] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6400] memfd_create("syzkaller", 0) = 3 [pid 6400] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6400] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6400] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6400] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6400] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6400] close(3) = 0 [pid 6400] mkdir("./file0", 0777) = 0 [pid 6400] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6400] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6400] chdir("./file0") = 0 [pid 6400] ioctl(4, LOOP_CLR_FD) = 0 [pid 6400] close(4) = 0 [pid 6400] exit_group(0) = ? [pid 6400] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6400, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1372", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1372", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1372/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1372/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1372/binderfs") = 0 umount2("./1372/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1372/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1372/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1372/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1372/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1372/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1372") = 0 mkdir("./1373", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6401 ./strace-static-x86_64: Process 6401 attached [pid 6401] chdir("./1373") = 0 [pid 6401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6401] setpgid(0, 0) = 0 [pid 6401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6401] write(3, "1000", 4) = 4 [pid 6401] close(3) = 0 [pid 6401] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6401] memfd_create("syzkaller", 0) = 3 [pid 6401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 158.365824][ T6400] loop0: detected capacity change from 0 to 4096 [ 158.374550][ T6400] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6401] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6401] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6401] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6401] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6401] close(3) = 0 [pid 6401] mkdir("./file0", 0777) = 0 [pid 6401] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6401] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6401] chdir("./file0") = 0 [pid 6401] ioctl(4, LOOP_CLR_FD) = 0 [pid 6401] close(4) = 0 [pid 6401] exit_group(0) = ? [pid 6401] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6401, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1373", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1373", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1373/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1373/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1373/binderfs") = 0 umount2("./1373/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1373/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1373/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1373/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1373/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1373/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1373") = 0 mkdir("./1374", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6402 ./strace-static-x86_64: Process 6402 attached [pid 6402] chdir("./1374") = 0 [pid 6402] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6402] setpgid(0, 0) = 0 [pid 6402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6402] write(3, "1000", 4) = 4 [pid 6402] close(3) = 0 [pid 6402] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6402] memfd_create("syzkaller", 0) = 3 [pid 6402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 158.441924][ T6401] loop0: detected capacity change from 0 to 4096 [ 158.450716][ T6401] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6402] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6402] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6402] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6402] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6402] close(3) = 0 [pid 6402] mkdir("./file0", 0777) = 0 [pid 6402] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6402] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6402] chdir("./file0") = 0 [pid 6402] ioctl(4, LOOP_CLR_FD) = 0 [pid 6402] close(4) = 0 [pid 6402] exit_group(0) = ? [pid 6402] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6402, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1374", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1374", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1374/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1374/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1374/binderfs") = 0 umount2("./1374/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1374/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1374/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1374/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1374/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1374/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1374") = 0 mkdir("./1375", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6403 ./strace-static-x86_64: Process 6403 attached [pid 6403] chdir("./1375") = 0 [pid 6403] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6403] setpgid(0, 0) = 0 [ 158.522043][ T6402] loop0: detected capacity change from 0 to 4096 [ 158.531336][ T6402] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6403] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6403] write(3, "1000", 4) = 4 [pid 6403] close(3) = 0 [pid 6403] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6403] memfd_create("syzkaller", 0) = 3 [pid 6403] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6403] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6403] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6403] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6403] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6403] close(3) = 0 [pid 6403] mkdir("./file0", 0777) = 0 [pid 6403] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6403] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6403] chdir("./file0") = 0 [pid 6403] ioctl(4, LOOP_CLR_FD) = 0 [pid 6403] close(4) = 0 [pid 6403] exit_group(0) = ? [pid 6403] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6403, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1375", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1375", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1375/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1375/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1375/binderfs") = 0 umount2("./1375/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1375/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1375/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1375/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1375/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1375/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1375") = 0 mkdir("./1376", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 158.605384][ T6403] loop0: detected capacity change from 0 to 4096 [ 158.614971][ T6403] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6404 ./strace-static-x86_64: Process 6404 attached [pid 6404] chdir("./1376") = 0 [pid 6404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6404] setpgid(0, 0) = 0 [pid 6404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6404] write(3, "1000", 4) = 4 [pid 6404] close(3) = 0 [pid 6404] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6404] memfd_create("syzkaller", 0) = 3 [pid 6404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6404] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6404] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6404] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6404] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6404] close(3) = 0 [pid 6404] mkdir("./file0", 0777) = 0 [pid 6404] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6404] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6404] chdir("./file0") = 0 [pid 6404] ioctl(4, LOOP_CLR_FD) = 0 [pid 6404] close(4) = 0 [pid 6404] exit_group(0) = ? [pid 6404] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6404, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1376", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1376", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1376/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1376/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1376/binderfs") = 0 umount2("./1376/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1376/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1376/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1376/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1376/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1376/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1376") = 0 mkdir("./1377", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6405 ./strace-static-x86_64: Process 6405 attached [pid 6405] chdir("./1377") = 0 [pid 6405] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6405] setpgid(0, 0) = 0 [pid 6405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6405] write(3, "1000", 4) = 4 [pid 6405] close(3) = 0 [pid 6405] symlink("/dev/binderfs", "./binderfs") = 0 [ 158.700229][ T6404] loop0: detected capacity change from 0 to 4096 [ 158.708863][ T6404] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6405] memfd_create("syzkaller", 0) = 3 [pid 6405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6405] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6405] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6405] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6405] close(3) = 0 [pid 6405] mkdir("./file0", 0777) = 0 [pid 6405] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6405] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6405] chdir("./file0") = 0 [pid 6405] ioctl(4, LOOP_CLR_FD) = 0 [pid 6405] close(4) = 0 [pid 6405] exit_group(0) = ? [pid 6405] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6405, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1377", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1377", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1377/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1377/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1377/binderfs") = 0 umount2("./1377/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1377/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1377/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1377/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1377/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1377/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1377") = 0 mkdir("./1378", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6406 ./strace-static-x86_64: Process 6406 attached [pid 6406] chdir("./1378") = 0 [pid 6406] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 158.781676][ T6405] loop0: detected capacity change from 0 to 4096 [ 158.790844][ T6405] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6406] setpgid(0, 0) = 0 [pid 6406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6406] write(3, "1000", 4) = 4 [pid 6406] close(3) = 0 [pid 6406] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6406] memfd_create("syzkaller", 0) = 3 [pid 6406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6406] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6406] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6406] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6406] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6406] close(3) = 0 [pid 6406] mkdir("./file0", 0777) = 0 [pid 6406] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6406] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6406] chdir("./file0") = 0 [pid 6406] ioctl(4, LOOP_CLR_FD) = 0 [pid 6406] close(4) = 0 [pid 6406] exit_group(0) = ? [pid 6406] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6406, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1378", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1378", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1378/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1378/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1378/binderfs") = 0 umount2("./1378/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1378/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1378/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1378/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1378/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1378/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1378") = 0 mkdir("./1379", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6407 ./strace-static-x86_64: Process 6407 attached [pid 6407] chdir("./1379") = 0 [pid 6407] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6407] setpgid(0, 0) = 0 [pid 6407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6407] write(3, "1000", 4) = 4 [pid 6407] close(3) = 0 [pid 6407] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6407] memfd_create("syzkaller", 0) = 3 [pid 6407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 158.865909][ T6406] loop0: detected capacity change from 0 to 4096 [ 158.875399][ T6406] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6407] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6407] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6407] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6407] close(3) = 0 [pid 6407] mkdir("./file0", 0777) = 0 [pid 6407] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6407] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6407] chdir("./file0") = 0 [pid 6407] ioctl(4, LOOP_CLR_FD) = 0 [pid 6407] close(4) = 0 [pid 6407] exit_group(0) = ? [pid 6407] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6407, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1379", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1379", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1379/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1379/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1379/binderfs") = 0 umount2("./1379/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1379/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1379/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1379/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1379/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1379/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1379") = 0 mkdir("./1380", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6408 ./strace-static-x86_64: Process 6408 attached [pid 6408] chdir("./1380") = 0 [pid 6408] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6408] setpgid(0, 0) = 0 [pid 6408] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6408] write(3, "1000", 4) = 4 [pid 6408] close(3) = 0 [pid 6408] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6408] memfd_create("syzkaller", 0) = 3 [pid 6408] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 158.943065][ T6407] loop0: detected capacity change from 0 to 4096 [ 158.951544][ T6407] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6408] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6408] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6408] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6408] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6408] close(3) = 0 [pid 6408] mkdir("./file0", 0777) = 0 [pid 6408] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6408] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6408] chdir("./file0") = 0 [pid 6408] ioctl(4, LOOP_CLR_FD) = 0 [pid 6408] close(4) = 0 [pid 6408] exit_group(0) = ? [pid 6408] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6408, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1380", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1380", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1380/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1380/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1380/binderfs") = 0 umount2("./1380/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1380/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1380/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1380/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1380/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1380/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1380") = 0 mkdir("./1381", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6409 attached , child_tidptr=0x5555568435d0) = 6409 [pid 6409] chdir("./1381") = 0 [pid 6409] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6409] setpgid(0, 0) = 0 [pid 6409] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6409] write(3, "1000", 4) = 4 [pid 6409] close(3) = 0 [pid 6409] symlink("/dev/binderfs", "./binderfs") = 0 [ 159.020501][ T6408] loop0: detected capacity change from 0 to 4096 [ 159.029017][ T6408] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6409] memfd_create("syzkaller", 0) = 3 [pid 6409] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6409] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6409] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6409] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6409] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6409] close(3) = 0 [pid 6409] mkdir("./file0", 0777) = 0 [pid 6409] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6409] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6409] chdir("./file0") = 0 [pid 6409] ioctl(4, LOOP_CLR_FD) = 0 [pid 6409] close(4) = 0 [pid 6409] exit_group(0) = ? [pid 6409] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6409, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1381", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1381", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1381/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1381/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1381/binderfs") = 0 umount2("./1381/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1381/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1381/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1381/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1381/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1381/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1381") = 0 mkdir("./1382", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6410 ./strace-static-x86_64: Process 6410 attached [pid 6410] chdir("./1382") = 0 [pid 6410] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6410] setpgid(0, 0) = 0 [pid 6410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6410] write(3, "1000", 4) = 4 [pid 6410] close(3) = 0 [pid 6410] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6410] memfd_create("syzkaller", 0) = 3 [ 159.104261][ T6409] loop0: detected capacity change from 0 to 4096 [ 159.113540][ T6409] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6410] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6410] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6410] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6410] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6410] close(3) = 0 [pid 6410] mkdir("./file0", 0777) = 0 [pid 6410] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6410] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6410] chdir("./file0") = 0 [pid 6410] ioctl(4, LOOP_CLR_FD) = 0 [pid 6410] close(4) = 0 [pid 6410] exit_group(0) = ? [pid 6410] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6410, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1382", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1382", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1382/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1382/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1382/binderfs") = 0 umount2("./1382/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1382/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1382/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1382/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1382/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1382/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1382") = 0 mkdir("./1383", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6411 ./strace-static-x86_64: Process 6411 attached [pid 6411] chdir("./1383") = 0 [pid 6411] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6411] setpgid(0, 0) = 0 [pid 6411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6411] write(3, "1000", 4) = 4 [pid 6411] close(3) = 0 [pid 6411] symlink("/dev/binderfs", "./binderfs") = 0 [ 159.191312][ T6410] loop0: detected capacity change from 0 to 4096 [ 159.200375][ T6410] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6411] memfd_create("syzkaller", 0) = 3 [pid 6411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6411] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6411] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6411] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6411] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6411] close(3) = 0 [pid 6411] mkdir("./file0", 0777) = 0 [pid 6411] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6411] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6411] chdir("./file0") = 0 [pid 6411] ioctl(4, LOOP_CLR_FD) = 0 [pid 6411] close(4) = 0 [pid 6411] exit_group(0) = ? [pid 6411] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6411, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1383", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1383", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1383/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1383/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1383/binderfs") = 0 umount2("./1383/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1383/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1383/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1383/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1383/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1383/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1383") = 0 mkdir("./1384", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6412 ./strace-static-x86_64: Process 6412 attached [pid 6412] chdir("./1384") = 0 [ 159.273823][ T6411] loop0: detected capacity change from 0 to 4096 [ 159.282382][ T6411] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6412] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6412] setpgid(0, 0) = 0 [pid 6412] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6412] write(3, "1000", 4) = 4 [pid 6412] close(3) = 0 [pid 6412] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6412] memfd_create("syzkaller", 0) = 3 [pid 6412] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6412] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6412] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6412] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6412] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6412] close(3) = 0 [pid 6412] mkdir("./file0", 0777) = 0 [pid 6412] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6412] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6412] chdir("./file0") = 0 [pid 6412] ioctl(4, LOOP_CLR_FD) = 0 [pid 6412] close(4) = 0 [pid 6412] exit_group(0) = ? [pid 6412] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6412, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1384", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1384", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1384/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1384/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1384/binderfs") = 0 umount2("./1384/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1384/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1384/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1384/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1384/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1384/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1384") = 0 mkdir("./1385", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6413 ./strace-static-x86_64: Process 6413 attached [pid 6413] chdir("./1385") = 0 [pid 6413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6413] setpgid(0, 0) = 0 [pid 6413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6413] write(3, "1000", 4) = 4 [pid 6413] close(3) = 0 [pid 6413] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6413] memfd_create("syzkaller", 0) = 3 [pid 6413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 159.361185][ T6412] loop0: detected capacity change from 0 to 4096 [ 159.369427][ T6412] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6413] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6413] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6413] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6413] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6413] close(3) = 0 [pid 6413] mkdir("./file0", 0777) = 0 [pid 6413] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6413] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6413] chdir("./file0") = 0 [pid 6413] ioctl(4, LOOP_CLR_FD) = 0 [pid 6413] close(4) = 0 [pid 6413] exit_group(0) = ? [pid 6413] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6413, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1385", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1385", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1385/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1385/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1385/binderfs") = 0 umount2("./1385/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1385/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1385/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1385/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1385/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1385/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1385") = 0 mkdir("./1386", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6414 attached , child_tidptr=0x5555568435d0) = 6414 [pid 6414] chdir("./1386") = 0 [pid 6414] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6414] setpgid(0, 0) = 0 [pid 6414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6414] write(3, "1000", 4) = 4 [pid 6414] close(3) = 0 [pid 6414] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6414] memfd_create("syzkaller", 0) = 3 [pid 6414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 159.436753][ T6413] loop0: detected capacity change from 0 to 4096 [ 159.444809][ T6413] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6414] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6414] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6414] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6414] close(3) = 0 [pid 6414] mkdir("./file0", 0777) = 0 [pid 6414] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6414] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6414] chdir("./file0") = 0 [pid 6414] ioctl(4, LOOP_CLR_FD) = 0 [pid 6414] close(4) = 0 [pid 6414] exit_group(0) = ? [pid 6414] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6414, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1386", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1386", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1386/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1386/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1386/binderfs") = 0 umount2("./1386/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1386/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1386/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1386/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1386/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1386/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1386") = 0 mkdir("./1387", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6415 ./strace-static-x86_64: Process 6415 attached [ 159.518149][ T6414] loop0: detected capacity change from 0 to 4096 [ 159.526513][ T6414] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6415] chdir("./1387") = 0 [pid 6415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6415] setpgid(0, 0) = 0 [pid 6415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6415] write(3, "1000", 4) = 4 [pid 6415] close(3) = 0 [pid 6415] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6415] memfd_create("syzkaller", 0) = 3 [pid 6415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6415] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6415] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6415] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6415] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6415] close(3) = 0 [pid 6415] mkdir("./file0", 0777) = 0 [pid 6415] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6415] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6415] chdir("./file0") = 0 [pid 6415] ioctl(4, LOOP_CLR_FD) = 0 [pid 6415] close(4) = 0 [pid 6415] exit_group(0) = ? [pid 6415] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6415, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1387", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1387", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1387/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1387/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1387/binderfs") = 0 umount2("./1387/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1387/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1387/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1387/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1387/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1387/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1387") = 0 mkdir("./1388", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 159.601644][ T6415] loop0: detected capacity change from 0 to 4096 [ 159.610054][ T6415] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6416 ./strace-static-x86_64: Process 6416 attached [pid 6416] chdir("./1388") = 0 [pid 6416] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6416] setpgid(0, 0) = 0 [pid 6416] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6416] write(3, "1000", 4) = 4 [pid 6416] close(3) = 0 [pid 6416] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6416] memfd_create("syzkaller", 0) = 3 [pid 6416] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6416] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6416] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6416] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6416] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6416] close(3) = 0 [pid 6416] mkdir("./file0", 0777) = 0 [pid 6416] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6416] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6416] chdir("./file0") = 0 [pid 6416] ioctl(4, LOOP_CLR_FD) = 0 [pid 6416] close(4) = 0 [pid 6416] exit_group(0) = ? [pid 6416] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6416, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1388", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1388", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1388/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1388/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1388/binderfs") = 0 umount2("./1388/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1388/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1388/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1388/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1388/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1388/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1388") = 0 mkdir("./1389", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6417 attached , child_tidptr=0x5555568435d0) = 6417 [pid 6417] chdir("./1389") = 0 [pid 6417] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6417] setpgid(0, 0) = 0 [pid 6417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 159.685222][ T6416] loop0: detected capacity change from 0 to 4096 [ 159.693625][ T6416] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6417] write(3, "1000", 4) = 4 [pid 6417] close(3) = 0 [pid 6417] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6417] memfd_create("syzkaller", 0) = 3 [pid 6417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6417] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6417] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6417] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6417] close(3) = 0 [pid 6417] mkdir("./file0", 0777) = 0 [pid 6417] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6417] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6417] chdir("./file0") = 0 [pid 6417] ioctl(4, LOOP_CLR_FD) = 0 [pid 6417] close(4) = 0 [pid 6417] exit_group(0) = ? [pid 6417] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6417, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1389", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1389", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1389/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1389/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1389/binderfs") = 0 umount2("./1389/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1389/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1389/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1389/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1389/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1389/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1389") = 0 mkdir("./1390", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6418 attached , child_tidptr=0x5555568435d0) = 6418 [pid 6418] chdir("./1390") = 0 [pid 6418] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6418] setpgid(0, 0) = 0 [pid 6418] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6418] write(3, "1000", 4) = 4 [pid 6418] close(3) = 0 [ 159.775221][ T6417] loop0: detected capacity change from 0 to 4096 [ 159.784431][ T6417] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6418] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6418] memfd_create("syzkaller", 0) = 3 [pid 6418] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6418] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6418] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6418] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6418] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6418] close(3) = 0 [pid 6418] mkdir("./file0", 0777) = 0 [pid 6418] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6418] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6418] chdir("./file0") = 0 [pid 6418] ioctl(4, LOOP_CLR_FD) = 0 [pid 6418] close(4) = 0 [pid 6418] exit_group(0) = ? [pid 6418] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6418, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1390", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1390", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1390/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1390/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1390/binderfs") = 0 umount2("./1390/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1390/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1390/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1390/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1390/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1390/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1390") = 0 mkdir("./1391", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6419 attached , child_tidptr=0x5555568435d0) = 6419 [pid 6419] chdir("./1391") = 0 [pid 6419] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6419] setpgid(0, 0) = 0 [pid 6419] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6419] write(3, "1000", 4) = 4 [pid 6419] close(3) = 0 [pid 6419] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6419] memfd_create("syzkaller", 0) = 3 [pid 6419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 159.861916][ T6418] loop0: detected capacity change from 0 to 4096 [ 159.870372][ T6418] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6419] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6419] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6419] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6419] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6419] close(3) = 0 [pid 6419] mkdir("./file0", 0777) = 0 [pid 6419] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6419] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6419] chdir("./file0") = 0 [pid 6419] ioctl(4, LOOP_CLR_FD) = 0 [pid 6419] close(4) = 0 [pid 6419] exit_group(0) = ? [pid 6419] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6419, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1391", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1391", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1391/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1391/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1391/binderfs") = 0 umount2("./1391/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1391/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1391/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1391/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1391/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1391/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1391") = 0 mkdir("./1392", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 159.942848][ T6419] loop0: detected capacity change from 0 to 4096 [ 159.951258][ T6419] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6420 attached [pid 6420] chdir("./1392") = 0 [pid 6420] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6420] setpgid(0, 0) = 0 [pid 6420] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6420 [pid 6420] <... openat resumed>) = 3 [pid 6420] write(3, "1000", 4) = 4 [pid 6420] close(3) = 0 [pid 6420] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6420] memfd_create("syzkaller", 0) = 3 [pid 6420] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6420] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6420] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6420] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6420] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6420] close(3) = 0 [pid 6420] mkdir("./file0", 0777) = 0 [pid 6420] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6420] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6420] chdir("./file0") = 0 [pid 6420] ioctl(4, LOOP_CLR_FD) = 0 [pid 6420] close(4) = 0 [pid 6420] exit_group(0) = ? [pid 6420] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6420, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1392", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1392", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1392/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1392/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1392/binderfs") = 0 umount2("./1392/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1392/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1392/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1392/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1392/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1392/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1392") = 0 mkdir("./1393", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 160.034140][ T6420] loop0: detected capacity change from 0 to 4096 [ 160.042517][ T6420] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6421 ./strace-static-x86_64: Process 6421 attached [pid 6421] chdir("./1393") = 0 [pid 6421] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6421] setpgid(0, 0) = 0 [pid 6421] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6421] write(3, "1000", 4) = 4 [pid 6421] close(3) = 0 [pid 6421] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6421] memfd_create("syzkaller", 0) = 3 [pid 6421] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6421] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6421] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6421] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6421] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6421] close(3) = 0 [pid 6421] mkdir("./file0", 0777) = 0 [pid 6421] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6421] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6421] chdir("./file0") = 0 [pid 6421] ioctl(4, LOOP_CLR_FD) = 0 [pid 6421] close(4) = 0 [pid 6421] exit_group(0) = ? [pid 6421] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6421, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1393", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1393", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1393/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1393/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1393/binderfs") = 0 umount2("./1393/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1393/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1393/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1393/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1393/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1393/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1393") = 0 mkdir("./1394", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6422 ./strace-static-x86_64: Process 6422 attached [pid 6422] chdir("./1394") = 0 [pid 6422] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6422] setpgid(0, 0) = 0 [pid 6422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6422] write(3, "1000", 4) = 4 [pid 6422] close(3) = 0 [pid 6422] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6422] memfd_create("syzkaller", 0) = 3 [pid 6422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 160.126960][ T6421] loop0: detected capacity change from 0 to 4096 [ 160.135276][ T6421] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6422] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6422] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6422] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6422] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6422] close(3) = 0 [pid 6422] mkdir("./file0", 0777) = 0 [pid 6422] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6422] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6422] chdir("./file0") = 0 [pid 6422] ioctl(4, LOOP_CLR_FD) = 0 [pid 6422] close(4) = 0 [pid 6422] exit_group(0) = ? [pid 6422] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6422, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- umount2("./1394", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1394", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1394/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1394/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1394/binderfs") = 0 umount2("./1394/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1394/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1394/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1394/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1394/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1394/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1394") = 0 mkdir("./1395", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6423 ./strace-static-x86_64: Process 6423 attached [pid 6423] chdir("./1395") = 0 [pid 6423] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6423] setpgid(0, 0) = 0 [pid 6423] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6423] write(3, "1000", 4) = 4 [pid 6423] close(3) = 0 [pid 6423] symlink("/dev/binderfs", "./binderfs") = 0 [ 160.205259][ T6422] loop0: detected capacity change from 0 to 4096 [ 160.214217][ T6422] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6423] memfd_create("syzkaller", 0) = 3 [pid 6423] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6423] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6423] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6423] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6423] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6423] close(3) = 0 [pid 6423] mkdir("./file0", 0777) = 0 [pid 6423] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6423] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6423] chdir("./file0") = 0 [pid 6423] ioctl(4, LOOP_CLR_FD) = 0 [pid 6423] close(4) = 0 [pid 6423] exit_group(0) = ? [pid 6423] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6423, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1395", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1395", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1395/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1395/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1395/binderfs") = 0 umount2("./1395/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1395/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1395/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1395/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1395/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1395/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1395") = 0 mkdir("./1396", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6424 ./strace-static-x86_64: Process 6424 attached [pid 6424] chdir("./1396") = 0 [pid 6424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6424] setpgid(0, 0) = 0 [pid 6424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6424] write(3, "1000", 4) = 4 [pid 6424] close(3) = 0 [pid 6424] symlink("/dev/binderfs", "./binderfs") = 0 [ 160.293482][ T6423] loop0: detected capacity change from 0 to 4096 [ 160.302572][ T6423] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6424] memfd_create("syzkaller", 0) = 3 [pid 6424] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6424] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6424] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6424] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6424] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6424] close(3) = 0 [pid 6424] mkdir("./file0", 0777) = 0 [pid 6424] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6424] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6424] chdir("./file0") = 0 [pid 6424] ioctl(4, LOOP_CLR_FD) = 0 [pid 6424] close(4) = 0 [pid 6424] exit_group(0) = ? [pid 6424] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6424, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1396", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1396", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1396/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1396/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1396/binderfs") = 0 umount2("./1396/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1396/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1396/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1396/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1396/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1396/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1396") = 0 mkdir("./1397", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6425 ./strace-static-x86_64: Process 6425 attached [pid 6425] chdir("./1397") = 0 [pid 6425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6425] setpgid(0, 0) = 0 [pid 6425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6425] write(3, "1000", 4) = 4 [pid 6425] close(3) = 0 [pid 6425] symlink("/dev/binderfs", "./binderfs") = 0 [ 160.377093][ T6424] loop0: detected capacity change from 0 to 4096 [ 160.386586][ T6424] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6425] memfd_create("syzkaller", 0) = 3 [pid 6425] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6425] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6425] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6425] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6425] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6425] close(3) = 0 [pid 6425] mkdir("./file0", 0777) = 0 [pid 6425] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6425] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6425] chdir("./file0") = 0 [pid 6425] ioctl(4, LOOP_CLR_FD) = 0 [pid 6425] close(4) = 0 [pid 6425] exit_group(0) = ? [pid 6425] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6425, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1397", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1397", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1397/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1397/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1397/binderfs") = 0 umount2("./1397/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1397/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1397/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1397/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1397/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1397/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1397") = 0 [ 160.462235][ T6425] loop0: detected capacity change from 0 to 4096 [ 160.471013][ T6425] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./1398", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6426 ./strace-static-x86_64: Process 6426 attached [pid 6426] chdir("./1398") = 0 [pid 6426] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6426] setpgid(0, 0) = 0 [pid 6426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6426] write(3, "1000", 4) = 4 [pid 6426] close(3) = 0 [pid 6426] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6426] memfd_create("syzkaller", 0) = 3 [pid 6426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6426] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6426] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6426] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6426] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6426] close(3) = 0 [pid 6426] mkdir("./file0", 0777) = 0 [pid 6426] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6426] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6426] chdir("./file0") = 0 [pid 6426] ioctl(4, LOOP_CLR_FD) = 0 [pid 6426] close(4) = 0 [pid 6426] exit_group(0) = ? [pid 6426] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6426, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1398", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1398", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1398/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1398/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1398/binderfs") = 0 umount2("./1398/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1398/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1398/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1398/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1398/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1398/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1398") = 0 mkdir("./1399", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6427 ./strace-static-x86_64: Process 6427 attached [pid 6427] chdir("./1399") = 0 [pid 6427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6427] setpgid(0, 0) = 0 [pid 6427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6427] write(3, "1000", 4) = 4 [pid 6427] close(3) = 0 [ 160.555196][ T6426] loop0: detected capacity change from 0 to 4096 [ 160.564406][ T6426] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6427] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6427] memfd_create("syzkaller", 0) = 3 [pid 6427] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6427] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6427] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6427] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6427] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6427] close(3) = 0 [pid 6427] mkdir("./file0", 0777) = 0 [pid 6427] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6427] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6427] chdir("./file0") = 0 [pid 6427] ioctl(4, LOOP_CLR_FD) = 0 [pid 6427] close(4) = 0 [pid 6427] exit_group(0) = ? [pid 6427] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6427, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1399", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1399", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1399/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1399/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1399/binderfs") = 0 umount2("./1399/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1399/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1399/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1399/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1399/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1399/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 160.644078][ T6427] loop0: detected capacity change from 0 to 4096 [ 160.652659][ T6427] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./1399") = 0 mkdir("./1400", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6428 ./strace-static-x86_64: Process 6428 attached [pid 6428] chdir("./1400") = 0 [pid 6428] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6428] setpgid(0, 0) = 0 [pid 6428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6428] write(3, "1000", 4) = 4 [pid 6428] close(3) = 0 [pid 6428] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6428] memfd_create("syzkaller", 0) = 3 [pid 6428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6428] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6428] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6428] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6428] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6428] close(3) = 0 [pid 6428] mkdir("./file0", 0777) = 0 [pid 6428] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6428] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6428] chdir("./file0") = 0 [pid 6428] ioctl(4, LOOP_CLR_FD) = 0 [pid 6428] close(4) = 0 [pid 6428] exit_group(0) = ? [pid 6428] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6428, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1400", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1400", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1400/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1400/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1400/binderfs") = 0 umount2("./1400/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1400/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1400/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1400/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1400/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1400/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1400") = 0 mkdir("./1401", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6429 ./strace-static-x86_64: Process 6429 attached [pid 6429] chdir("./1401") = 0 [pid 6429] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6429] setpgid(0, 0) = 0 [pid 6429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6429] write(3, "1000", 4) = 4 [pid 6429] close(3) = 0 [pid 6429] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6429] memfd_create("syzkaller", 0) = 3 [ 160.735633][ T6428] loop0: detected capacity change from 0 to 4096 [ 160.744085][ T6428] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6429] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6429] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6429] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6429] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6429] close(3) = 0 [pid 6429] mkdir("./file0", 0777) = 0 [pid 6429] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6429] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6429] chdir("./file0") = 0 [pid 6429] ioctl(4, LOOP_CLR_FD) = 0 [pid 6429] close(4) = 0 [pid 6429] exit_group(0) = ? [pid 6429] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6429, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1401", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1401", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1401/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1401/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1401/binderfs") = 0 umount2("./1401/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1401/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1401/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1401/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1401/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1401/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1401") = 0 mkdir("./1402", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 160.821162][ T6429] loop0: detected capacity change from 0 to 4096 [ 160.830226][ T6429] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6430 ./strace-static-x86_64: Process 6430 attached [pid 6430] chdir("./1402") = 0 [pid 6430] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6430] setpgid(0, 0) = 0 [pid 6430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6430] write(3, "1000", 4) = 4 [pid 6430] close(3) = 0 [pid 6430] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6430] memfd_create("syzkaller", 0) = 3 [pid 6430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6430] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6430] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6430] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6430] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6430] close(3) = 0 [pid 6430] mkdir("./file0", 0777) = 0 [pid 6430] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6430] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6430] chdir("./file0") = 0 [pid 6430] ioctl(4, LOOP_CLR_FD) = 0 [pid 6430] close(4) = 0 [pid 6430] exit_group(0) = ? [pid 6430] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6430, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1402", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1402", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1402/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1402/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1402/binderfs") = 0 umount2("./1402/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1402/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1402/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1402/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1402/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1402/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1402") = 0 [ 160.910948][ T6430] loop0: detected capacity change from 0 to 4096 [ 160.919478][ T6430] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./1403", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6431 ./strace-static-x86_64: Process 6431 attached [pid 6431] chdir("./1403") = 0 [pid 6431] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6431] setpgid(0, 0) = 0 [pid 6431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6431] write(3, "1000", 4) = 4 [pid 6431] close(3) = 0 [pid 6431] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6431] memfd_create("syzkaller", 0) = 3 [pid 6431] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6431] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6431] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6431] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6431] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6431] close(3) = 0 [pid 6431] mkdir("./file0", 0777) = 0 [pid 6431] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6431] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6431] chdir("./file0") = 0 [pid 6431] ioctl(4, LOOP_CLR_FD) = 0 [pid 6431] close(4) = 0 [pid 6431] exit_group(0) = ? [pid 6431] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6431, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1403", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1403", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1403/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1403/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1403/binderfs") = 0 umount2("./1403/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1403/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1403/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1403/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1403/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1403/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1403") = 0 mkdir("./1404", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6432 ./strace-static-x86_64: Process 6432 attached [pid 6432] chdir("./1404") = 0 [pid 6432] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6432] setpgid(0, 0) = 0 [pid 6432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6432] write(3, "1000", 4) = 4 [pid 6432] close(3) = 0 [pid 6432] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6432] memfd_create("syzkaller", 0) = 3 [ 161.003803][ T6431] loop0: detected capacity change from 0 to 4096 [ 161.012715][ T6431] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6432] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6432] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6432] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6432] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6432] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6432] close(3) = 0 [pid 6432] mkdir("./file0", 0777) = 0 [pid 6432] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6432] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6432] chdir("./file0") = 0 [pid 6432] ioctl(4, LOOP_CLR_FD) = 0 [pid 6432] close(4) = 0 [pid 6432] exit_group(0) = ? [pid 6432] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6432, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1404", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1404", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1404/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1404/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1404/binderfs") = 0 umount2("./1404/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1404/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1404/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1404/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1404/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1404/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1404") = 0 mkdir("./1405", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 161.090355][ T6432] loop0: detected capacity change from 0 to 4096 [ 161.098946][ T6432] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6433 ./strace-static-x86_64: Process 6433 attached [pid 6433] chdir("./1405") = 0 [pid 6433] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6433] setpgid(0, 0) = 0 [pid 6433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6433] write(3, "1000", 4) = 4 [pid 6433] close(3) = 0 [pid 6433] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6433] memfd_create("syzkaller", 0) = 3 [pid 6433] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6433] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6433] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6433] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6433] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6433] close(3) = 0 [pid 6433] mkdir("./file0", 0777) = 0 [pid 6433] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6433] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6433] chdir("./file0") = 0 [pid 6433] ioctl(4, LOOP_CLR_FD) = 0 [pid 6433] close(4) = 0 [pid 6433] exit_group(0) = ? [pid 6433] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6433, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1405", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1405", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1405/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1405/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1405/binderfs") = 0 umount2("./1405/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1405/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1405/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1405/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1405/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1405/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1405") = 0 mkdir("./1406", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6434 ./strace-static-x86_64: Process 6434 attached [ 161.175539][ T6433] loop0: detected capacity change from 0 to 4096 [ 161.184723][ T6433] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6434] chdir("./1406") = 0 [pid 6434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6434] setpgid(0, 0) = 0 [pid 6434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6434] write(3, "1000", 4) = 4 [pid 6434] close(3) = 0 [pid 6434] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6434] memfd_create("syzkaller", 0) = 3 [pid 6434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6434] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6434] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6434] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6434] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6434] close(3) = 0 [pid 6434] mkdir("./file0", 0777) = 0 [pid 6434] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6434] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6434] chdir("./file0") = 0 [pid 6434] ioctl(4, LOOP_CLR_FD) = 0 [pid 6434] close(4) = 0 [pid 6434] exit_group(0) = ? [pid 6434] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6434, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1406", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1406", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1406/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1406/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1406/binderfs") = 0 umount2("./1406/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1406/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1406/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1406/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1406/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1406/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1406") = 0 mkdir("./1407", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 161.263951][ T6434] loop0: detected capacity change from 0 to 4096 [ 161.273029][ T6434] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6435 ./strace-static-x86_64: Process 6435 attached [pid 6435] chdir("./1407") = 0 [pid 6435] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6435] setpgid(0, 0) = 0 [pid 6435] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6435] write(3, "1000", 4) = 4 [pid 6435] close(3) = 0 [pid 6435] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6435] memfd_create("syzkaller", 0) = 3 [pid 6435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6435] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6435] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6435] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6435] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6435] close(3) = 0 [pid 6435] mkdir("./file0", 0777) = 0 [pid 6435] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6435] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6435] chdir("./file0") = 0 [pid 6435] ioctl(4, LOOP_CLR_FD) = 0 [pid 6435] close(4) = 0 [pid 6435] exit_group(0) = ? [pid 6435] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6435, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1407", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1407", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1407/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1407/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1407/binderfs") = 0 umount2("./1407/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1407/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1407/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1407/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1407/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1407/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1407") = 0 mkdir("./1408", 0777) = 0 [ 161.352847][ T6435] loop0: detected capacity change from 0 to 4096 [ 161.361774][ T6435] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6436 attached , child_tidptr=0x5555568435d0) = 6436 [pid 6436] chdir("./1408") = 0 [pid 6436] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6436] setpgid(0, 0) = 0 [pid 6436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6436] write(3, "1000", 4) = 4 [pid 6436] close(3) = 0 [pid 6436] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6436] memfd_create("syzkaller", 0) = 3 [pid 6436] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6436] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6436] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6436] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6436] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6436] close(3) = 0 [pid 6436] mkdir("./file0", 0777) = 0 [pid 6436] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6436] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6436] chdir("./file0") = 0 [pid 6436] ioctl(4, LOOP_CLR_FD) = 0 [pid 6436] close(4) = 0 [pid 6436] exit_group(0) = ? [pid 6436] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6436, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1408", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1408", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1408/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1408/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1408/binderfs") = 0 umount2("./1408/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1408/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1408/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1408/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1408/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1408/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1408") = 0 mkdir("./1409", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6437 ./strace-static-x86_64: Process 6437 attached [pid 6437] chdir("./1409") = 0 [pid 6437] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6437] setpgid(0, 0) = 0 [pid 6437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6437] write(3, "1000", 4) = 4 [pid 6437] close(3) = 0 [pid 6437] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6437] memfd_create("syzkaller", 0) = 3 [pid 6437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 161.445220][ T6436] loop0: detected capacity change from 0 to 4096 [ 161.454230][ T6436] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6437] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6437] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6437] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6437] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6437] close(3) = 0 [pid 6437] mkdir("./file0", 0777) = 0 [pid 6437] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6437] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6437] chdir("./file0") = 0 [pid 6437] ioctl(4, LOOP_CLR_FD) = 0 [pid 6437] close(4) = 0 [pid 6437] exit_group(0) = ? [pid 6437] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6437, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1409", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1409", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1409/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1409/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1409/binderfs") = 0 umount2("./1409/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1409/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1409/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1409/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1409/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1409/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1409") = 0 mkdir("./1410", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6438 ./strace-static-x86_64: Process 6438 attached [pid 6438] chdir("./1410") = 0 [pid 6438] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6438] setpgid(0, 0) = 0 [pid 6438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6438] write(3, "1000", 4) = 4 [pid 6438] close(3) = 0 [pid 6438] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6438] memfd_create("syzkaller", 0) = 3 [pid 6438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 161.528376][ T6437] loop0: detected capacity change from 0 to 4096 [ 161.537467][ T6437] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6438] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6438] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6438] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6438] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6438] close(3) = 0 [pid 6438] mkdir("./file0", 0777) = 0 [pid 6438] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6438] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6438] chdir("./file0") = 0 [pid 6438] ioctl(4, LOOP_CLR_FD) = 0 [pid 6438] close(4) = 0 [pid 6438] exit_group(0) = ? [pid 6438] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6438, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1410", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1410", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1410/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1410/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1410/binderfs") = 0 umount2("./1410/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1410/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1410/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1410/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1410/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1410/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1410") = 0 mkdir("./1411", 0777) = 0 [ 161.611687][ T6438] loop0: detected capacity change from 0 to 4096 [ 161.621016][ T6438] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6439 ./strace-static-x86_64: Process 6439 attached [pid 6439] chdir("./1411") = 0 [pid 6439] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6439] setpgid(0, 0) = 0 [pid 6439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6439] write(3, "1000", 4) = 4 [pid 6439] close(3) = 0 [pid 6439] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6439] memfd_create("syzkaller", 0) = 3 [pid 6439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6439] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6439] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6439] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6439] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6439] close(3) = 0 [pid 6439] mkdir("./file0", 0777) = 0 [pid 6439] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6439] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6439] chdir("./file0") = 0 [pid 6439] ioctl(4, LOOP_CLR_FD) = 0 [pid 6439] close(4) = 0 [pid 6439] exit_group(0) = ? [pid 6439] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6439, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1411", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1411", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1411/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1411/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1411/binderfs") = 0 umount2("./1411/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1411/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1411/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1411/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1411/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1411/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1411") = 0 mkdir("./1412", 0777) = 0 [ 161.703025][ T6439] loop0: detected capacity change from 0 to 4096 [ 161.711823][ T6439] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6440 ./strace-static-x86_64: Process 6440 attached [pid 6440] chdir("./1412") = 0 [pid 6440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6440] setpgid(0, 0) = 0 [pid 6440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6440] write(3, "1000", 4) = 4 [pid 6440] close(3) = 0 [pid 6440] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6440] memfd_create("syzkaller", 0) = 3 [pid 6440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6440] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6440] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6440] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6440] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6440] close(3) = 0 [pid 6440] mkdir("./file0", 0777) = 0 [pid 6440] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6440] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6440] chdir("./file0") = 0 [pid 6440] ioctl(4, LOOP_CLR_FD) = 0 [pid 6440] close(4) = 0 [pid 6440] exit_group(0) = ? [pid 6440] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6440, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1412", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1412", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1412/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1412/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1412/binderfs") = 0 umount2("./1412/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1412/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1412/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1412/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1412/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1412/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1412") = 0 mkdir("./1413", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6441 ./strace-static-x86_64: Process 6441 attached [pid 6441] chdir("./1413") = 0 [pid 6441] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6441] setpgid(0, 0) = 0 [pid 6441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6441] write(3, "1000", 4) = 4 [pid 6441] close(3) = 0 [pid 6441] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6441] memfd_create("syzkaller", 0) = 3 [pid 6441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 161.796220][ T6440] loop0: detected capacity change from 0 to 4096 [ 161.804931][ T6440] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6441] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6441] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6441] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6441] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6441] close(3) = 0 [pid 6441] mkdir("./file0", 0777) = 0 [pid 6441] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6441] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6441] chdir("./file0") = 0 [pid 6441] ioctl(4, LOOP_CLR_FD) = 0 [pid 6441] close(4) = 0 [pid 6441] exit_group(0) = ? [pid 6441] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6441, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1413", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1413", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1413/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1413/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1413/binderfs") = 0 umount2("./1413/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1413/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1413/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1413/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1413/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1413/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1413") = 0 mkdir("./1414", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 161.871885][ T6441] loop0: detected capacity change from 0 to 4096 [ 161.880278][ T6441] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6442 ./strace-static-x86_64: Process 6442 attached [pid 6442] chdir("./1414") = 0 [pid 6442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6442] setpgid(0, 0) = 0 [pid 6442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6442] write(3, "1000", 4) = 4 [pid 6442] close(3) = 0 [pid 6442] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6442] memfd_create("syzkaller", 0) = 3 [pid 6442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6442] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6442] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6442] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6442] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6442] close(3) = 0 [pid 6442] mkdir("./file0", 0777) = 0 [pid 6442] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6442] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6442] chdir("./file0") = 0 [pid 6442] ioctl(4, LOOP_CLR_FD) = 0 [pid 6442] close(4) = 0 [pid 6442] exit_group(0) = ? [pid 6442] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6442, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1414", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1414", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1414/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1414/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1414/binderfs") = 0 umount2("./1414/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1414/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1414/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1414/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1414/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1414/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1414") = 0 mkdir("./1415", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6443 ./strace-static-x86_64: Process 6443 attached [pid 6443] chdir("./1415") = 0 [pid 6443] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6443] setpgid(0, 0) = 0 [pid 6443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6443] write(3, "1000", 4) = 4 [pid 6443] close(3) = 0 [ 161.955358][ T6442] loop0: detected capacity change from 0 to 4096 [ 161.964314][ T6442] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6443] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6443] memfd_create("syzkaller", 0) = 3 [pid 6443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6443] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6443] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6443] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6443] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6443] close(3) = 0 [pid 6443] mkdir("./file0", 0777) = 0 [pid 6443] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6443] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6443] chdir("./file0") = 0 [pid 6443] ioctl(4, LOOP_CLR_FD) = 0 [pid 6443] close(4) = 0 [pid 6443] exit_group(0) = ? [pid 6443] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6443, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1415", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1415", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1415/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1415/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1415/binderfs") = 0 umount2("./1415/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1415/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1415/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1415/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1415/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1415/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 162.038555][ T6443] loop0: detected capacity change from 0 to 4096 [ 162.047575][ T6443] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./1415") = 0 mkdir("./1416", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6444 ./strace-static-x86_64: Process 6444 attached [pid 6444] chdir("./1416") = 0 [pid 6444] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6444] setpgid(0, 0) = 0 [pid 6444] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6444] write(3, "1000", 4) = 4 [pid 6444] close(3) = 0 [pid 6444] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6444] memfd_create("syzkaller", 0) = 3 [pid 6444] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6444] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6444] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6444] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6444] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6444] close(3) = 0 [pid 6444] mkdir("./file0", 0777) = 0 [pid 6444] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6444] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6444] chdir("./file0") = 0 [pid 6444] ioctl(4, LOOP_CLR_FD) = 0 [pid 6444] close(4) = 0 [pid 6444] exit_group(0) = ? [pid 6444] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6444, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1416", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1416", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1416/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1416/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1416/binderfs") = 0 umount2("./1416/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1416/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1416/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1416/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1416/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1416/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1416") = 0 mkdir("./1417", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 162.128136][ T6444] loop0: detected capacity change from 0 to 4096 [ 162.136697][ T6444] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6445 ./strace-static-x86_64: Process 6445 attached [pid 6445] chdir("./1417") = 0 [pid 6445] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6445] setpgid(0, 0) = 0 [pid 6445] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6445] write(3, "1000", 4) = 4 [pid 6445] close(3) = 0 [pid 6445] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6445] memfd_create("syzkaller", 0) = 3 [pid 6445] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6445] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6445] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6445] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6445] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6445] close(3) = 0 [pid 6445] mkdir("./file0", 0777) = 0 [pid 6445] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6445] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6445] chdir("./file0") = 0 [pid 6445] ioctl(4, LOOP_CLR_FD) = 0 [pid 6445] close(4) = 0 [pid 6445] exit_group(0) = ? [pid 6445] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6445, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1417", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1417", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1417/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1417/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1417/binderfs") = 0 umount2("./1417/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1417/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1417/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1417/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1417/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1417/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1417") = 0 mkdir("./1418", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 162.213733][ T6445] loop0: detected capacity change from 0 to 4096 [ 162.222512][ T6445] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6446 attached [pid 6446] chdir("./1418" [pid 5019] <... clone resumed>, child_tidptr=0x5555568435d0) = 6446 [pid 6446] <... chdir resumed>) = 0 [pid 6446] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6446] setpgid(0, 0) = 0 [pid 6446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6446] write(3, "1000", 4) = 4 [pid 6446] close(3) = 0 [pid 6446] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6446] memfd_create("syzkaller", 0) = 3 [pid 6446] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6446] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6446] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6446] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6446] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6446] close(3) = 0 [pid 6446] mkdir("./file0", 0777) = 0 [pid 6446] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6446] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6446] chdir("./file0") = 0 [pid 6446] ioctl(4, LOOP_CLR_FD) = 0 [pid 6446] close(4) = 0 [pid 6446] exit_group(0) = ? [pid 6446] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6446, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1418", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1418", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1418/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1418/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1418/binderfs") = 0 umount2("./1418/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1418/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1418/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1418/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1418/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1418/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1418") = 0 mkdir("./1419", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6447 ./strace-static-x86_64: Process 6447 attached [pid 6447] chdir("./1419") = 0 [pid 6447] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6447] setpgid(0, 0) = 0 [pid 6447] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6447] write(3, "1000", 4) = 4 [ 162.305677][ T6446] loop0: detected capacity change from 0 to 4096 [ 162.314303][ T6446] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6447] close(3) = 0 [pid 6447] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6447] memfd_create("syzkaller", 0) = 3 [pid 6447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6447] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6447] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6447] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6447] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6447] close(3) = 0 [pid 6447] mkdir("./file0", 0777) = 0 [pid 6447] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6447] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6447] chdir("./file0") = 0 [pid 6447] ioctl(4, LOOP_CLR_FD) = 0 [pid 6447] close(4) = 0 [pid 6447] exit_group(0) = ? [pid 6447] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6447, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1419", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1419", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1419/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1419/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1419/binderfs") = 0 umount2("./1419/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1419/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1419/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1419/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1419/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1419/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1419") = 0 mkdir("./1420", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 162.387646][ T6447] loop0: detected capacity change from 0 to 4096 [ 162.395957][ T6447] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6448 ./strace-static-x86_64: Process 6448 attached [pid 6448] chdir("./1420") = 0 [pid 6448] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6448] setpgid(0, 0) = 0 [pid 6448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6448] write(3, "1000", 4) = 4 [pid 6448] close(3) = 0 [pid 6448] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6448] memfd_create("syzkaller", 0) = 3 [pid 6448] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6448] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6448] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6448] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6448] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6448] close(3) = 0 [pid 6448] mkdir("./file0", 0777) = 0 [pid 6448] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6448] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6448] chdir("./file0") = 0 [pid 6448] ioctl(4, LOOP_CLR_FD) = 0 [pid 6448] close(4) = 0 [pid 6448] exit_group(0) = ? [pid 6448] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6448, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1420", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1420", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1420/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1420/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1420/binderfs") = 0 umount2("./1420/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1420/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1420/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1420/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1420/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1420/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1420") = 0 mkdir("./1421", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 162.478498][ T6448] loop0: detected capacity change from 0 to 4096 [ 162.487055][ T6448] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6449 ./strace-static-x86_64: Process 6449 attached [pid 6449] chdir("./1421") = 0 [pid 6449] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6449] setpgid(0, 0) = 0 [pid 6449] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6449] write(3, "1000", 4) = 4 [pid 6449] close(3) = 0 [pid 6449] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6449] memfd_create("syzkaller", 0) = 3 [pid 6449] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6449] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6449] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6449] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6449] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6449] close(3) = 0 [pid 6449] mkdir("./file0", 0777) = 0 [pid 6449] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6449] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6449] chdir("./file0") = 0 [pid 6449] ioctl(4, LOOP_CLR_FD) = 0 [pid 6449] close(4) = 0 [pid 6449] exit_group(0) = ? [pid 6449] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6449, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1421", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1421", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1421/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1421/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1421/binderfs") = 0 umount2("./1421/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1421/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1421/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1421/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1421/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1421/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1421") = 0 mkdir("./1422", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6450 ./strace-static-x86_64: Process 6450 attached [pid 6450] chdir("./1422") = 0 [pid 6450] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6450] setpgid(0, 0) = 0 [pid 6450] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6450] write(3, "1000", 4) = 4 [pid 6450] close(3) = 0 [pid 6450] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6450] memfd_create("syzkaller", 0) = 3 [pid 6450] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 162.567507][ T6449] loop0: detected capacity change from 0 to 4096 [ 162.576913][ T6449] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6450] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6450] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6450] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6450] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6450] close(3) = 0 [pid 6450] mkdir("./file0", 0777) = 0 [pid 6450] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6450] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6450] chdir("./file0") = 0 [pid 6450] ioctl(4, LOOP_CLR_FD) = 0 [pid 6450] close(4) = 0 [pid 6450] exit_group(0) = ? [pid 6450] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6450, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1422", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1422", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1422/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1422/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1422/binderfs") = 0 umount2("./1422/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1422/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1422/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1422/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1422/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1422/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1422") = 0 mkdir("./1423", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6451 ./strace-static-x86_64: Process 6451 attached [pid 6451] chdir("./1423") = 0 [pid 6451] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6451] setpgid(0, 0) = 0 [pid 6451] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6451] write(3, "1000", 4) = 4 [pid 6451] close(3) = 0 [pid 6451] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6451] memfd_create("syzkaller", 0) = 3 [pid 6451] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 162.654014][ T6450] loop0: detected capacity change from 0 to 4096 [ 162.663314][ T6450] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6451] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6451] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6451] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6451] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6451] close(3) = 0 [pid 6451] mkdir("./file0", 0777) = 0 [pid 6451] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6451] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6451] chdir("./file0") = 0 [pid 6451] ioctl(4, LOOP_CLR_FD) = 0 [pid 6451] close(4) = 0 [pid 6451] exit_group(0) = ? [pid 6451] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6451, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1423", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1423", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1423/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1423/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1423/binderfs") = 0 umount2("./1423/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1423/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1423/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1423/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1423/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1423/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1423") = 0 mkdir("./1424", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6452 ./strace-static-x86_64: Process 6452 attached [pid 6452] chdir("./1424") = 0 [pid 6452] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6452] setpgid(0, 0) = 0 [pid 6452] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6452] write(3, "1000", 4) = 4 [pid 6452] close(3) = 0 [pid 6452] symlink("/dev/binderfs", "./binderfs") = 0 [ 162.740239][ T6451] loop0: detected capacity change from 0 to 4096 [ 162.748905][ T6451] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6452] memfd_create("syzkaller", 0) = 3 [pid 6452] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6452] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6452] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6452] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6452] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6452] close(3) = 0 [pid 6452] mkdir("./file0", 0777) = 0 [pid 6452] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6452] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6452] chdir("./file0") = 0 [pid 6452] ioctl(4, LOOP_CLR_FD) = 0 [pid 6452] close(4) = 0 [pid 6452] exit_group(0) = ? [pid 6452] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6452, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1424", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1424", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1424/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1424/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1424/binderfs") = 0 umount2("./1424/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1424/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1424/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1424/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1424/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1424/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1424") = 0 mkdir("./1425", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6453 ./strace-static-x86_64: Process 6453 attached [pid 6453] chdir("./1425") = 0 [pid 6453] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6453] setpgid(0, 0) = 0 [pid 6453] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6453] write(3, "1000", 4) = 4 [pid 6453] close(3) = 0 [pid 6453] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6453] memfd_create("syzkaller", 0) = 3 [ 162.820589][ T6452] loop0: detected capacity change from 0 to 4096 [ 162.829284][ T6452] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6453] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6453] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6453] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6453] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6453] close(3) = 0 [pid 6453] mkdir("./file0", 0777) = 0 [pid 6453] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6453] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6453] chdir("./file0") = 0 [pid 6453] ioctl(4, LOOP_CLR_FD) = 0 [pid 6453] close(4) = 0 [pid 6453] exit_group(0) = ? [pid 6453] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6453, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1425", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1425", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1425/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1425/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1425/binderfs") = 0 umount2("./1425/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1425/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1425/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1425/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1425/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1425/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1425") = 0 mkdir("./1426", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 162.908515][ T6453] loop0: detected capacity change from 0 to 4096 [ 162.917025][ T6453] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6454 ./strace-static-x86_64: Process 6454 attached [pid 6454] chdir("./1426") = 0 [pid 6454] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6454] setpgid(0, 0) = 0 [pid 6454] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6454] write(3, "1000", 4) = 4 [pid 6454] close(3) = 0 [pid 6454] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6454] memfd_create("syzkaller", 0) = 3 [pid 6454] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6454] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6454] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6454] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6454] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6454] close(3) = 0 [pid 6454] mkdir("./file0", 0777) = 0 [pid 6454] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6454] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6454] chdir("./file0") = 0 [pid 6454] ioctl(4, LOOP_CLR_FD) = 0 [pid 6454] close(4) = 0 [pid 6454] exit_group(0) = ? [pid 6454] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6454, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1426", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1426", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1426/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1426/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1426/binderfs") = 0 umount2("./1426/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1426/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1426/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1426/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1426/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1426/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1426") = 0 mkdir("./1427", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6455 attached , child_tidptr=0x5555568435d0) = 6455 [pid 6455] chdir("./1427") = 0 [pid 6455] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6455] setpgid(0, 0) = 0 [pid 6455] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6455] write(3, "1000", 4) = 4 [pid 6455] close(3) = 0 [pid 6455] symlink("/dev/binderfs", "./binderfs") = 0 [ 162.997719][ T6454] loop0: detected capacity change from 0 to 4096 [ 163.006397][ T6454] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6455] memfd_create("syzkaller", 0) = 3 [pid 6455] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6455] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6455] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6455] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6455] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6455] close(3) = 0 [pid 6455] mkdir("./file0", 0777) = 0 [pid 6455] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6455] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6455] chdir("./file0") = 0 [pid 6455] ioctl(4, LOOP_CLR_FD) = 0 [pid 6455] close(4) = 0 [pid 6455] exit_group(0) = ? [pid 6455] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6455, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1427", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1427", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1427/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1427/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1427/binderfs") = 0 umount2("./1427/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1427/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1427/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1427/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1427/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1427/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1427") = 0 mkdir("./1428", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6456 ./strace-static-x86_64: Process 6456 attached [pid 6456] chdir("./1428") = 0 [pid 6456] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6456] setpgid(0, 0) = 0 [pid 6456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6456] write(3, "1000", 4) = 4 [pid 6456] close(3) = 0 [pid 6456] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6456] memfd_create("syzkaller", 0) = 3 [ 163.087760][ T6455] loop0: detected capacity change from 0 to 4096 [ 163.096840][ T6455] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6456] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6456] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6456] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6456] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6456] close(3) = 0 [pid 6456] mkdir("./file0", 0777) = 0 [pid 6456] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6456] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6456] chdir("./file0") = 0 [pid 6456] ioctl(4, LOOP_CLR_FD) = 0 [pid 6456] close(4) = 0 [pid 6456] exit_group(0) = ? [pid 6456] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6456, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1428", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1428", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1428/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1428/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1428/binderfs") = 0 umount2("./1428/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1428/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1428/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1428/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1428/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1428/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 [ 163.168637][ T6456] loop0: detected capacity change from 0 to 4096 [ 163.177261][ T6456] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 rmdir("./1428") = 0 mkdir("./1429", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6457 ./strace-static-x86_64: Process 6457 attached [pid 6457] chdir("./1429") = 0 [pid 6457] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6457] setpgid(0, 0) = 0 [pid 6457] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6457] write(3, "1000", 4) = 4 [pid 6457] close(3) = 0 [pid 6457] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6457] memfd_create("syzkaller", 0) = 3 [pid 6457] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6457] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6457] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6457] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6457] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6457] close(3) = 0 [pid 6457] mkdir("./file0", 0777) = 0 [pid 6457] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6457] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6457] chdir("./file0") = 0 [pid 6457] ioctl(4, LOOP_CLR_FD) = 0 [pid 6457] close(4) = 0 [pid 6457] exit_group(0) = ? [pid 6457] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6457, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1429", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1429", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1429/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1429/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1429/binderfs") = 0 umount2("./1429/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1429/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1429/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1429/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1429/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1429/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1429") = 0 mkdir("./1430", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6458 attached , child_tidptr=0x5555568435d0) = 6458 [pid 6458] chdir("./1430") = 0 [pid 6458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6458] setpgid(0, 0) = 0 [pid 6458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6458] write(3, "1000", 4) = 4 [pid 6458] close(3) = 0 [pid 6458] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6458] memfd_create("syzkaller", 0) = 3 [pid 6458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 163.263029][ T6457] loop0: detected capacity change from 0 to 4096 [ 163.271645][ T6457] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6458] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6458] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6458] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6458] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6458] close(3) = 0 [pid 6458] mkdir("./file0", 0777) = 0 [pid 6458] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6458] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6458] chdir("./file0") = 0 [pid 6458] ioctl(4, LOOP_CLR_FD) = 0 [pid 6458] close(4) = 0 [pid 6458] exit_group(0) = ? [pid 6458] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6458, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1430", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1430", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1430/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1430/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1430/binderfs") = 0 umount2("./1430/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1430/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1430/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1430/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1430/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1430/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1430") = 0 mkdir("./1431", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6459 ./strace-static-x86_64: Process 6459 attached [pid 6459] chdir("./1431") = 0 [pid 6459] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6459] setpgid(0, 0) = 0 [pid 6459] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6459] write(3, "1000", 4) = 4 [pid 6459] close(3) = 0 [pid 6459] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6459] memfd_create("syzkaller", 0) = 3 [pid 6459] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 163.345647][ T6458] loop0: detected capacity change from 0 to 4096 [ 163.354932][ T6458] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6459] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6459] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6459] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6459] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6459] close(3) = 0 [pid 6459] mkdir("./file0", 0777) = 0 [pid 6459] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6459] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6459] chdir("./file0") = 0 [pid 6459] ioctl(4, LOOP_CLR_FD) = 0 [pid 6459] close(4) = 0 [pid 6459] exit_group(0) = ? [pid 6459] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6459, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1431", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1431", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1431/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1431/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1431/binderfs") = 0 umount2("./1431/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1431/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1431/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1431/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1431/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1431/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1431") = 0 [ 163.421326][ T6459] loop0: detected capacity change from 0 to 4096 [ 163.429864][ T6459] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./1432", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6460 ./strace-static-x86_64: Process 6460 attached [pid 6460] chdir("./1432") = 0 [pid 6460] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6460] setpgid(0, 0) = 0 [pid 6460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6460] write(3, "1000", 4) = 4 [pid 6460] close(3) = 0 [pid 6460] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6460] memfd_create("syzkaller", 0) = 3 [pid 6460] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6460] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6460] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6460] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6460] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6460] close(3) = 0 [pid 6460] mkdir("./file0", 0777) = 0 [pid 6460] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6460] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6460] chdir("./file0") = 0 [pid 6460] ioctl(4, LOOP_CLR_FD) = 0 [pid 6460] close(4) = 0 [pid 6460] exit_group(0) = ? [pid 6460] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6460, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1432", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1432", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1432/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1432/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1432/binderfs") = 0 umount2("./1432/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1432/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1432/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1432/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1432/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1432/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1432") = 0 mkdir("./1433", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6461 ./strace-static-x86_64: Process 6461 attached [pid 6461] chdir("./1433") = 0 [pid 6461] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6461] setpgid(0, 0) = 0 [pid 6461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6461] write(3, "1000", 4) = 4 [pid 6461] close(3) = 0 [pid 6461] symlink("/dev/binderfs", "./binderfs") = 0 [ 163.517004][ T6460] loop0: detected capacity change from 0 to 4096 [ 163.525337][ T6460] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6461] memfd_create("syzkaller", 0) = 3 [pid 6461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6461] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6461] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6461] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6461] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6461] close(3) = 0 [pid 6461] mkdir("./file0", 0777) = 0 [pid 6461] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6461] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6461] chdir("./file0") = 0 [pid 6461] ioctl(4, LOOP_CLR_FD) = 0 [pid 6461] close(4) = 0 [pid 6461] exit_group(0) = ? [pid 6461] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6461, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1433", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1433", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1433/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1433/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1433/binderfs") = 0 umount2("./1433/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1433/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1433/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1433/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1433/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1433/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1433") = 0 mkdir("./1434", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6462 ./strace-static-x86_64: Process 6462 attached [pid 6462] chdir("./1434") = 0 [pid 6462] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6462] setpgid(0, 0) = 0 [pid 6462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6462] write(3, "1000", 4) = 4 [pid 6462] close(3) = 0 [pid 6462] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6462] memfd_create("syzkaller", 0) = 3 [pid 6462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 163.598704][ T6461] loop0: detected capacity change from 0 to 4096 [ 163.606956][ T6461] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6462] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6462] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6462] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6462] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6462] close(3) = 0 [pid 6462] mkdir("./file0", 0777) = 0 [pid 6462] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6462] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6462] chdir("./file0") = 0 [pid 6462] ioctl(4, LOOP_CLR_FD) = 0 [pid 6462] close(4) = 0 [pid 6462] exit_group(0) = ? [pid 6462] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6462, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1434", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1434", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1434/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1434/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1434/binderfs") = 0 umount2("./1434/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1434/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1434/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1434/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1434/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1434/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1434") = 0 mkdir("./1435", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6463 ./strace-static-x86_64: Process 6463 attached [pid 6463] chdir("./1435") = 0 [pid 6463] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6463] setpgid(0, 0) = 0 [pid 6463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6463] write(3, "1000", 4) = 4 [pid 6463] close(3) = 0 [pid 6463] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6463] memfd_create("syzkaller", 0) = 3 [pid 6463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 163.682554][ T6462] loop0: detected capacity change from 0 to 4096 [ 163.690998][ T6462] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6463] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6463] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6463] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6463] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6463] close(3) = 0 [pid 6463] mkdir("./file0", 0777) = 0 [pid 6463] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6463] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6463] chdir("./file0") = 0 [pid 6463] ioctl(4, LOOP_CLR_FD) = 0 [pid 6463] close(4) = 0 [pid 6463] exit_group(0) = ? [pid 6463] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6463, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1435", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1435", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1435/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1435/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1435/binderfs") = 0 umount2("./1435/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1435/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1435/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1435/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1435/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1435/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1435") = 0 mkdir("./1436", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6464 ./strace-static-x86_64: Process 6464 attached [pid 6464] chdir("./1436") = 0 [pid 6464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6464] setpgid(0, 0) = 0 [pid 6464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6464] write(3, "1000", 4) = 4 [pid 6464] close(3) = 0 [pid 6464] symlink("/dev/binderfs", "./binderfs") = 0 [ 163.776315][ T6463] loop0: detected capacity change from 0 to 4096 [ 163.785169][ T6463] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6464] memfd_create("syzkaller", 0) = 3 [pid 6464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6464] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6464] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6464] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6464] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6464] close(3) = 0 [pid 6464] mkdir("./file0", 0777) = 0 [pid 6464] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6464] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6464] chdir("./file0") = 0 [pid 6464] ioctl(4, LOOP_CLR_FD) = 0 [pid 6464] close(4) = 0 [pid 6464] exit_group(0) = ? [pid 6464] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6464, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- umount2("./1436", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1436", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1436/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1436/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1436/binderfs") = 0 umount2("./1436/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1436/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1436/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1436/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1436/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1436/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1436") = 0 mkdir("./1437", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6465 ./strace-static-x86_64: Process 6465 attached [ 163.860990][ T6464] loop0: detected capacity change from 0 to 4096 [ 163.870015][ T6464] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6465] chdir("./1437") = 0 [pid 6465] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6465] setpgid(0, 0) = 0 [pid 6465] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6465] write(3, "1000", 4) = 4 [pid 6465] close(3) = 0 [pid 6465] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6465] memfd_create("syzkaller", 0) = 3 [pid 6465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6465] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6465] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6465] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6465] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6465] close(3) = 0 [pid 6465] mkdir("./file0", 0777) = 0 [pid 6465] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6465] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6465] chdir("./file0") = 0 [pid 6465] ioctl(4, LOOP_CLR_FD) = 0 [pid 6465] close(4) = 0 [pid 6465] exit_group(0) = ? [pid 6465] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6465, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1437", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1437", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1437/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1437/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1437/binderfs") = 0 umount2("./1437/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1437/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1437/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1437/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1437/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1437/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1437") = 0 mkdir("./1438", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6466 ./strace-static-x86_64: Process 6466 attached [pid 6466] chdir("./1438") = 0 [pid 6466] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6466] setpgid(0, 0) = 0 [pid 6466] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6466] write(3, "1000", 4) = 4 [pid 6466] close(3) = 0 [pid 6466] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6466] memfd_create("syzkaller", 0) = 3 [pid 6466] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 163.950518][ T6465] loop0: detected capacity change from 0 to 4096 [ 163.958647][ T6465] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6466] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6466] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6466] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6466] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6466] close(3) = 0 [pid 6466] mkdir("./file0", 0777) = 0 [pid 6466] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6466] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6466] chdir("./file0") = 0 [pid 6466] ioctl(4, LOOP_CLR_FD) = 0 [pid 6466] close(4) = 0 [pid 6466] exit_group(0) = ? [pid 6466] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6466, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1438", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1438", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1438/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1438/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1438/binderfs") = 0 umount2("./1438/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1438/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1438/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1438/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1438/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1438/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1438") = 0 mkdir("./1439", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6467 ./strace-static-x86_64: Process 6467 attached [pid 6467] chdir("./1439") = 0 [pid 6467] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6467] setpgid(0, 0) = 0 [pid 6467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6467] write(3, "1000", 4) = 4 [pid 6467] close(3) = 0 [pid 6467] symlink("/dev/binderfs", "./binderfs") = 0 [ 164.023614][ T6466] loop0: detected capacity change from 0 to 4096 [ 164.032485][ T6466] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6467] memfd_create("syzkaller", 0) = 3 [pid 6467] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6467] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6467] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6467] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6467] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6467] close(3) = 0 [pid 6467] mkdir("./file0", 0777) = 0 [pid 6467] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6467] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6467] chdir("./file0") = 0 [pid 6467] ioctl(4, LOOP_CLR_FD) = 0 [pid 6467] close(4) = 0 [pid 6467] exit_group(0) = ? [pid 6467] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6467, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1439", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1439", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1439/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1439/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1439/binderfs") = 0 umount2("./1439/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1439/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1439/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1439/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1439/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1439/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1439") = 0 mkdir("./1440", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6468 ./strace-static-x86_64: Process 6468 attached [pid 6468] chdir("./1440") = 0 [pid 6468] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6468] setpgid(0, 0) = 0 [pid 6468] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6468] write(3, "1000", 4) = 4 [pid 6468] close(3) = 0 [pid 6468] symlink("/dev/binderfs", "./binderfs") = 0 [ 164.104129][ T6467] loop0: detected capacity change from 0 to 4096 [ 164.112560][ T6467] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6468] memfd_create("syzkaller", 0) = 3 [pid 6468] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6468] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6468] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6468] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6468] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6468] close(3) = 0 [pid 6468] mkdir("./file0", 0777) = 0 [pid 6468] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6468] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6468] chdir("./file0") = 0 [pid 6468] ioctl(4, LOOP_CLR_FD) = 0 [pid 6468] close(4) = 0 [pid 6468] exit_group(0) = ? [pid 6468] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6468, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1440", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1440", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1440/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1440/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1440/binderfs") = 0 umount2("./1440/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1440/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1440/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1440/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1440/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1440/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1440") = 0 mkdir("./1441", 0777) = 0 [ 164.189265][ T6468] loop0: detected capacity change from 0 to 4096 [ 164.197550][ T6468] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6469 ./strace-static-x86_64: Process 6469 attached [pid 6469] chdir("./1441") = 0 [pid 6469] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6469] setpgid(0, 0) = 0 [pid 6469] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6469] write(3, "1000", 4) = 4 [pid 6469] close(3) = 0 [pid 6469] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6469] memfd_create("syzkaller", 0) = 3 [pid 6469] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6469] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6469] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6469] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6469] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6469] close(3) = 0 [pid 6469] mkdir("./file0", 0777) = 0 [pid 6469] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6469] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6469] chdir("./file0") = 0 [pid 6469] ioctl(4, LOOP_CLR_FD) = 0 [pid 6469] close(4) = 0 [pid 6469] exit_group(0) = ? [pid 6469] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6469, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1441", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1441", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1441/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1441/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1441/binderfs") = 0 umount2("./1441/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1441/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1441/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1441/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1441/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1441/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1441") = 0 mkdir("./1442", 0777) = 0 [ 164.279652][ T6469] loop0: detected capacity change from 0 to 4096 [ 164.288721][ T6469] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6470 ./strace-static-x86_64: Process 6470 attached [pid 6470] chdir("./1442") = 0 [pid 6470] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6470] setpgid(0, 0) = 0 [pid 6470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6470] write(3, "1000", 4) = 4 [pid 6470] close(3) = 0 [pid 6470] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6470] memfd_create("syzkaller", 0) = 3 [pid 6470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6470] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6470] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6470] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6470] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6470] close(3) = 0 [pid 6470] mkdir("./file0", 0777) = 0 [pid 6470] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6470] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6470] chdir("./file0") = 0 [pid 6470] ioctl(4, LOOP_CLR_FD) = 0 [pid 6470] close(4) = 0 [pid 6470] exit_group(0) = ? [pid 6470] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6470, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1442", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1442", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1442/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1442/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1442/binderfs") = 0 umount2("./1442/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1442/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1442/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1442/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1442/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1442/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1442") = 0 mkdir("./1443", 0777) = 0 [ 164.372811][ T6470] loop0: detected capacity change from 0 to 4096 [ 164.382728][ T6470] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6471 ./strace-static-x86_64: Process 6471 attached [pid 6471] chdir("./1443") = 0 [pid 6471] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6471] setpgid(0, 0) = 0 [pid 6471] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6471] write(3, "1000", 4) = 4 [pid 6471] close(3) = 0 [pid 6471] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6471] memfd_create("syzkaller", 0) = 3 [pid 6471] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6471] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6471] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6471] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6471] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6471] close(3) = 0 [pid 6471] mkdir("./file0", 0777) = 0 [pid 6471] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6471] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6471] chdir("./file0") = 0 [pid 6471] ioctl(4, LOOP_CLR_FD) = 0 [pid 6471] close(4) = 0 [pid 6471] exit_group(0) = ? [pid 6471] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6471, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1443", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1443", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1443/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1443/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1443/binderfs") = 0 umount2("./1443/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1443/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1443/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1443/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1443/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1443/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1443") = 0 mkdir("./1444", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6472 ./strace-static-x86_64: Process 6472 attached [pid 6472] chdir("./1444") = 0 [pid 6472] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6472] setpgid(0, 0) = 0 [pid 6472] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6472] write(3, "1000", 4) = 4 [pid 6472] close(3) = 0 [pid 6472] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6472] memfd_create("syzkaller", 0) = 3 [pid 6472] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 164.462775][ T6471] loop0: detected capacity change from 0 to 4096 [ 164.471286][ T6471] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6472] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6472] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6472] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6472] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6472] close(3) = 0 [pid 6472] mkdir("./file0", 0777) = 0 [pid 6472] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6472] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6472] chdir("./file0") = 0 [pid 6472] ioctl(4, LOOP_CLR_FD) = 0 [pid 6472] close(4) = 0 [pid 6472] exit_group(0) = ? [pid 6472] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6472, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1444", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1444", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1444/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1444/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1444/binderfs") = 0 umount2("./1444/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1444/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1444/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1444/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1444/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1444/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1444") = 0 mkdir("./1445", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 164.551247][ T6472] loop0: detected capacity change from 0 to 4096 [ 164.560731][ T6472] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6473 ./strace-static-x86_64: Process 6473 attached [pid 6473] chdir("./1445") = 0 [pid 6473] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6473] setpgid(0, 0) = 0 [pid 6473] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6473] write(3, "1000", 4) = 4 [pid 6473] close(3) = 0 [pid 6473] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6473] memfd_create("syzkaller", 0) = 3 [pid 6473] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6473] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6473] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6473] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6473] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6473] close(3) = 0 [pid 6473] mkdir("./file0", 0777) = 0 [pid 6473] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6473] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6473] chdir("./file0") = 0 [pid 6473] ioctl(4, LOOP_CLR_FD) = 0 [pid 6473] close(4) = 0 [pid 6473] exit_group(0) = ? [pid 6473] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6473, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1445", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1445", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1445/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1445/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1445/binderfs") = 0 umount2("./1445/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1445/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1445/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1445/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1445/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1445/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1445") = 0 mkdir("./1446", 0777) = 0 [ 164.642456][ T6473] loop0: detected capacity change from 0 to 4096 [ 164.651196][ T6473] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6474 ./strace-static-x86_64: Process 6474 attached [pid 6474] chdir("./1446") = 0 [pid 6474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6474] setpgid(0, 0) = 0 [pid 6474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6474] write(3, "1000", 4) = 4 [pid 6474] close(3) = 0 [pid 6474] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6474] memfd_create("syzkaller", 0) = 3 [pid 6474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6474] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6474] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6474] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6474] close(3) = 0 [pid 6474] mkdir("./file0", 0777) = 0 [pid 6474] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6474] chdir("./file0") = 0 [pid 6474] ioctl(4, LOOP_CLR_FD) = 0 [pid 6474] close(4) = 0 [pid 6474] exit_group(0) = ? [pid 6474] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6474, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1446", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1446", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1446/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1446/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1446/binderfs") = 0 umount2("./1446/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1446/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1446/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1446/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1446/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1446/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1446") = 0 mkdir("./1447", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6475 ./strace-static-x86_64: Process 6475 attached [pid 6475] chdir("./1447") = 0 [pid 6475] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6475] setpgid(0, 0) = 0 [pid 6475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6475] write(3, "1000", 4) = 4 [pid 6475] close(3) = 0 [pid 6475] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6475] memfd_create("syzkaller", 0) = 3 [pid 6475] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 164.734669][ T6474] loop0: detected capacity change from 0 to 4096 [ 164.743865][ T6474] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6475] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6475] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6475] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6475] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6475] close(3) = 0 [pid 6475] mkdir("./file0", 0777) = 0 [pid 6475] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6475] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6475] chdir("./file0") = 0 [pid 6475] ioctl(4, LOOP_CLR_FD) = 0 [pid 6475] close(4) = 0 [pid 6475] exit_group(0) = ? [pid 6475] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6475, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1447", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1447", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1447/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1447/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1447/binderfs") = 0 umount2("./1447/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1447/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1447/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1447/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1447/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1447/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1447") = 0 mkdir("./1448", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 164.811821][ T6475] loop0: detected capacity change from 0 to 4096 [ 164.820713][ T6475] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6476 ./strace-static-x86_64: Process 6476 attached [pid 6476] chdir("./1448") = 0 [pid 6476] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6476] setpgid(0, 0) = 0 [pid 6476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6476] write(3, "1000", 4) = 4 [pid 6476] close(3) = 0 [pid 6476] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6476] memfd_create("syzkaller", 0) = 3 [pid 6476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6476] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6476] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6476] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6476] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6476] close(3) = 0 [pid 6476] mkdir("./file0", 0777) = 0 [pid 6476] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6476] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6476] chdir("./file0") = 0 [pid 6476] ioctl(4, LOOP_CLR_FD) = 0 [pid 6476] close(4) = 0 [pid 6476] exit_group(0) = ? [pid 6476] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6476, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1448", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1448", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1448/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1448/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1448/binderfs") = 0 umount2("./1448/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1448/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1448/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1448/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1448/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1448/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1448") = 0 mkdir("./1449", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6477 ./strace-static-x86_64: Process 6477 attached [pid 6477] chdir("./1449") = 0 [pid 6477] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6477] setpgid(0, 0) = 0 [pid 6477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6477] write(3, "1000", 4) = 4 [pid 6477] close(3) = 0 [pid 6477] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6477] memfd_create("syzkaller", 0) = 3 [pid 6477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 164.896730][ T6476] loop0: detected capacity change from 0 to 4096 [ 164.905313][ T6476] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6477] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6477] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6477] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6477] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6477] close(3) = 0 [pid 6477] mkdir("./file0", 0777) = 0 [pid 6477] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6477] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6477] chdir("./file0") = 0 [pid 6477] ioctl(4, LOOP_CLR_FD) = 0 [pid 6477] close(4) = 0 [pid 6477] exit_group(0) = ? [pid 6477] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6477, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1449", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1449", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1449/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1449/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1449/binderfs") = 0 umount2("./1449/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1449/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1449/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1449/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1449/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1449/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1449") = 0 mkdir("./1450", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 164.979951][ T6477] loop0: detected capacity change from 0 to 4096 [ 164.988210][ T6477] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6478 ./strace-static-x86_64: Process 6478 attached [pid 6478] chdir("./1450") = 0 [pid 6478] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6478] setpgid(0, 0) = 0 [pid 6478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6478] write(3, "1000", 4) = 4 [pid 6478] close(3) = 0 [pid 6478] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6478] memfd_create("syzkaller", 0) = 3 [pid 6478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6478] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6478] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6478] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6478] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6478] close(3) = 0 [pid 6478] mkdir("./file0", 0777) = 0 [pid 6478] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6478] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6478] chdir("./file0") = 0 [pid 6478] ioctl(4, LOOP_CLR_FD) = 0 [pid 6478] close(4) = 0 [pid 6478] exit_group(0) = ? [pid 6478] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6478, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1450", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1450", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1450/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1450/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1450/binderfs") = 0 umount2("./1450/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1450/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1450/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1450/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1450/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1450/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1450") = 0 mkdir("./1451", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6479 ./strace-static-x86_64: Process 6479 attached [pid 6479] chdir("./1451") = 0 [pid 6479] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6479] setpgid(0, 0) = 0 [pid 6479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6479] write(3, "1000", 4) = 4 [pid 6479] close(3) = 0 [pid 6479] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6479] memfd_create("syzkaller", 0) = 3 [ 165.066752][ T6478] loop0: detected capacity change from 0 to 4096 [ 165.074859][ T6478] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6479] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6479] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6479] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6479] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6479] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6479] close(3) = 0 [pid 6479] mkdir("./file0", 0777) = 0 [pid 6479] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6479] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6479] chdir("./file0") = 0 [pid 6479] ioctl(4, LOOP_CLR_FD) = 0 [pid 6479] close(4) = 0 [pid 6479] exit_group(0) = ? [pid 6479] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6479, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1451", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1451", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1451/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1451/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1451/binderfs") = 0 umount2("./1451/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1451/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1451/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1451/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1451/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1451/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1451") = 0 mkdir("./1452", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6480 ./strace-static-x86_64: Process 6480 attached [pid 6480] chdir("./1452") = 0 [ 165.151110][ T6479] loop0: detected capacity change from 0 to 4096 [ 165.159525][ T6479] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6480] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6480] setpgid(0, 0) = 0 [pid 6480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6480] write(3, "1000", 4) = 4 [pid 6480] close(3) = 0 [pid 6480] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6480] memfd_create("syzkaller", 0) = 3 [pid 6480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6480] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6480] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6480] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6480] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6480] close(3) = 0 [pid 6480] mkdir("./file0", 0777) = 0 [pid 6480] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6480] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6480] chdir("./file0") = 0 [pid 6480] ioctl(4, LOOP_CLR_FD) = 0 [pid 6480] close(4) = 0 [pid 6480] exit_group(0) = ? [pid 6480] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6480, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1452", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1452", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1452/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1452/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1452/binderfs") = 0 umount2("./1452/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1452/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1452/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1452/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1452/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1452/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1452") = 0 mkdir("./1453", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6481 ./strace-static-x86_64: Process 6481 attached [pid 6481] chdir("./1453") = 0 [pid 6481] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6481] setpgid(0, 0) = 0 [pid 6481] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6481] write(3, "1000", 4) = 4 [pid 6481] close(3) = 0 [pid 6481] symlink("/dev/binderfs", "./binderfs") = 0 [ 165.240067][ T6480] loop0: detected capacity change from 0 to 4096 [ 165.248837][ T6480] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6481] memfd_create("syzkaller", 0) = 3 [pid 6481] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6481] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6481] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6481] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6481] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6481] close(3) = 0 [pid 6481] mkdir("./file0", 0777) = 0 [pid 6481] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6481] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6481] chdir("./file0") = 0 [pid 6481] ioctl(4, LOOP_CLR_FD) = 0 [pid 6481] close(4) = 0 [pid 6481] exit_group(0) = ? [pid 6481] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6481, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1453", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1453", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1453/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1453/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1453/binderfs") = 0 umount2("./1453/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1453/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1453/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1453/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1453/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1453/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1453") = 0 mkdir("./1454", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6482 ./strace-static-x86_64: Process 6482 attached [pid 6482] chdir("./1454") = 0 [pid 6482] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6482] setpgid(0, 0) = 0 [pid 6482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6482] write(3, "1000", 4) = 4 [pid 6482] close(3) = 0 [ 165.324348][ T6481] loop0: detected capacity change from 0 to 4096 [ 165.332749][ T6481] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6482] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6482] memfd_create("syzkaller", 0) = 3 [pid 6482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6482] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6482] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6482] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6482] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6482] close(3) = 0 [pid 6482] mkdir("./file0", 0777) = 0 [pid 6482] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6482] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6482] chdir("./file0") = 0 [pid 6482] ioctl(4, LOOP_CLR_FD) = 0 [pid 6482] close(4) = 0 [pid 6482] exit_group(0) = ? [pid 6482] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6482, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1454", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1454", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1454/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1454/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1454/binderfs") = 0 umount2("./1454/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1454/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1454/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1454/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1454/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1454/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1454") = 0 mkdir("./1455", 0777) = 0 [ 165.409381][ T6482] loop0: detected capacity change from 0 to 4096 [ 165.418360][ T6482] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6483 ./strace-static-x86_64: Process 6483 attached [pid 6483] chdir("./1455") = 0 [pid 6483] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6483] setpgid(0, 0) = 0 [pid 6483] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6483] write(3, "1000", 4) = 4 [pid 6483] close(3) = 0 [pid 6483] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6483] memfd_create("syzkaller", 0) = 3 [pid 6483] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6483] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6483] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6483] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6483] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6483] close(3) = 0 [pid 6483] mkdir("./file0", 0777) = 0 [pid 6483] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6483] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6483] chdir("./file0") = 0 [pid 6483] ioctl(4, LOOP_CLR_FD) = 0 [pid 6483] close(4) = 0 [pid 6483] exit_group(0) = ? [pid 6483] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6483, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1455", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1455", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1455/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1455/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1455/binderfs") = 0 umount2("./1455/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1455/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1455/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1455/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1455/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1455/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1455") = 0 mkdir("./1456", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6484 ./strace-static-x86_64: Process 6484 attached [pid 6484] chdir("./1456") = 0 [pid 6484] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6484] setpgid(0, 0) = 0 [pid 6484] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6484] write(3, "1000", 4) = 4 [pid 6484] close(3) = 0 [pid 6484] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6484] memfd_create("syzkaller", 0) = 3 [pid 6484] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 165.498567][ T6483] loop0: detected capacity change from 0 to 4096 [ 165.507309][ T6483] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6484] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6484] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6484] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6484] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6484] close(3) = 0 [pid 6484] mkdir("./file0", 0777) = 0 [pid 6484] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6484] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6484] chdir("./file0") = 0 [pid 6484] ioctl(4, LOOP_CLR_FD) = 0 [pid 6484] close(4) = 0 [pid 6484] exit_group(0) = ? [pid 6484] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6484, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1456", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1456", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1456/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1456/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1456/binderfs") = 0 umount2("./1456/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1456/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1456/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1456/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1456/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1456/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1456") = 0 mkdir("./1457", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6485 ./strace-static-x86_64: Process 6485 attached [pid 6485] chdir("./1457") = 0 [pid 6485] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6485] setpgid(0, 0) = 0 [pid 6485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6485] write(3, "1000", 4) = 4 [pid 6485] close(3) = 0 [pid 6485] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6485] memfd_create("syzkaller", 0) = 3 [pid 6485] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 165.573603][ T6484] loop0: detected capacity change from 0 to 4096 [ 165.582583][ T6484] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6485] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6485] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6485] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6485] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6485] close(3) = 0 [pid 6485] mkdir("./file0", 0777) = 0 [pid 6485] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6485] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6485] chdir("./file0") = 0 [pid 6485] ioctl(4, LOOP_CLR_FD) = 0 [pid 6485] close(4) = 0 [pid 6485] exit_group(0) = ? [pid 6485] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6485, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1457", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1457", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1457/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1457/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1457/binderfs") = 0 umount2("./1457/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1457/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1457/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1457/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1457/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1457/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1457") = 0 mkdir("./1458", 0777) = 0 [ 165.651698][ T6485] loop0: detected capacity change from 0 to 4096 [ 165.660544][ T6485] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6486 ./strace-static-x86_64: Process 6486 attached [pid 6486] chdir("./1458") = 0 [pid 6486] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6486] setpgid(0, 0) = 0 [pid 6486] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6486] write(3, "1000", 4) = 4 [pid 6486] close(3) = 0 [pid 6486] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6486] memfd_create("syzkaller", 0) = 3 [pid 6486] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6486] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6486] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6486] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6486] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6486] close(3) = 0 [pid 6486] mkdir("./file0", 0777) = 0 [pid 6486] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6486] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6486] chdir("./file0") = 0 [pid 6486] ioctl(4, LOOP_CLR_FD) = 0 [pid 6486] close(4) = 0 [pid 6486] exit_group(0) = ? [pid 6486] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6486, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1458", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1458", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1458/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1458/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1458/binderfs") = 0 umount2("./1458/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1458/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1458/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1458/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1458/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1458/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1458") = 0 mkdir("./1459", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6487 attached , child_tidptr=0x5555568435d0) = 6487 [pid 6487] chdir("./1459") = 0 [pid 6487] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6487] setpgid(0, 0) = 0 [pid 6487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6487] write(3, "1000", 4) = 4 [pid 6487] close(3) = 0 [pid 6487] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6487] memfd_create("syzkaller", 0) = 3 [ 165.741724][ T6486] loop0: detected capacity change from 0 to 4096 [ 165.750392][ T6486] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6487] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6487] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6487] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6487] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6487] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6487] close(3) = 0 [pid 6487] mkdir("./file0", 0777) = 0 [pid 6487] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6487] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6487] chdir("./file0") = 0 [pid 6487] ioctl(4, LOOP_CLR_FD) = 0 [pid 6487] close(4) = 0 [pid 6487] exit_group(0) = ? [pid 6487] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6487, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1459", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1459", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1459/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1459/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1459/binderfs") = 0 umount2("./1459/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1459/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1459/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1459/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1459/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1459/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1459") = 0 mkdir("./1460", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 165.827410][ T6487] loop0: detected capacity change from 0 to 4096 [ 165.835842][ T6487] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6488 ./strace-static-x86_64: Process 6488 attached [pid 6488] chdir("./1460") = 0 [pid 6488] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6488] setpgid(0, 0) = 0 [pid 6488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6488] write(3, "1000", 4) = 4 [pid 6488] close(3) = 0 [pid 6488] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6488] memfd_create("syzkaller", 0) = 3 [pid 6488] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6488] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6488] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6488] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6488] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6488] close(3) = 0 [pid 6488] mkdir("./file0", 0777) = 0 [pid 6488] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6488] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6488] chdir("./file0") = 0 [pid 6488] ioctl(4, LOOP_CLR_FD) = 0 [pid 6488] close(4) = 0 [pid 6488] exit_group(0) = ? [pid 6488] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6488, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1460", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1460", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1460/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1460/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1460/binderfs") = 0 umount2("./1460/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1460/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1460/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1460/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1460/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1460/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1460") = 0 mkdir("./1461", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6489 ./strace-static-x86_64: Process 6489 attached [pid 6489] chdir("./1461") = 0 [pid 6489] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6489] setpgid(0, 0) = 0 [pid 6489] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6489] write(3, "1000", 4) = 4 [pid 6489] close(3) = 0 [ 165.913216][ T6488] loop0: detected capacity change from 0 to 4096 [ 165.922202][ T6488] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6489] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6489] memfd_create("syzkaller", 0) = 3 [pid 6489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6489] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6489] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6489] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6489] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6489] close(3) = 0 [pid 6489] mkdir("./file0", 0777) = 0 [pid 6489] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6489] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6489] chdir("./file0") = 0 [pid 6489] ioctl(4, LOOP_CLR_FD) = 0 [pid 6489] close(4) = 0 [pid 6489] exit_group(0) = ? [pid 6489] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6489, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1461", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1461", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1461/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1461/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1461/binderfs") = 0 umount2("./1461/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1461/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1461/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1461/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1461/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1461/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1461") = 0 mkdir("./1462", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6490 ./strace-static-x86_64: Process 6490 attached [pid 6490] chdir("./1462") = 0 [pid 6490] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6490] setpgid(0, 0) = 0 [pid 6490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6490] write(3, "1000", 4) = 4 [pid 6490] close(3) = 0 [pid 6490] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6490] memfd_create("syzkaller", 0) = 3 [pid 6490] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 165.994569][ T6489] loop0: detected capacity change from 0 to 4096 [ 166.003078][ T6489] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6490] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6490] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6490] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6490] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6490] close(3) = 0 [pid 6490] mkdir("./file0", 0777) = 0 [pid 6490] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6490] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6490] chdir("./file0") = 0 [pid 6490] ioctl(4, LOOP_CLR_FD) = 0 [pid 6490] close(4) = 0 [pid 6490] exit_group(0) = ? [pid 6490] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6490, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1462", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1462", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1462/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1462/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1462/binderfs") = 0 umount2("./1462/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1462/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1462/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1462/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1462/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1462/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1462") = 0 mkdir("./1463", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6491 ./strace-static-x86_64: Process 6491 attached [pid 6491] chdir("./1463") = 0 [pid 6491] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6491] setpgid(0, 0) = 0 [ 166.078556][ T6490] loop0: detected capacity change from 0 to 4096 [ 166.087699][ T6490] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6491] write(3, "1000", 4) = 4 [pid 6491] close(3) = 0 [pid 6491] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6491] memfd_create("syzkaller", 0) = 3 [pid 6491] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6491] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6491] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6491] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6491] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6491] close(3) = 0 [pid 6491] mkdir("./file0", 0777) = 0 [pid 6491] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6491] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6491] chdir("./file0") = 0 [pid 6491] ioctl(4, LOOP_CLR_FD) = 0 [pid 6491] close(4) = 0 [pid 6491] exit_group(0) = ? [pid 6491] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6491, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1463", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1463", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1463/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1463/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1463/binderfs") = 0 umount2("./1463/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1463/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1463/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1463/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1463/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1463/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1463") = 0 mkdir("./1464", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 166.161589][ T6491] loop0: detected capacity change from 0 to 4096 [ 166.170187][ T6491] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6492 ./strace-static-x86_64: Process 6492 attached [pid 6492] chdir("./1464") = 0 [pid 6492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6492] setpgid(0, 0) = 0 [pid 6492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6492] write(3, "1000", 4) = 4 [pid 6492] close(3) = 0 [pid 6492] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6492] memfd_create("syzkaller", 0) = 3 [pid 6492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6492] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6492] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6492] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6492] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6492] close(3) = 0 [pid 6492] mkdir("./file0", 0777) = 0 [pid 6492] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6492] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6492] chdir("./file0") = 0 [pid 6492] ioctl(4, LOOP_CLR_FD) = 0 [pid 6492] close(4) = 0 [pid 6492] exit_group(0) = ? [pid 6492] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6492, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1464", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1464", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1464/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1464/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1464/binderfs") = 0 umount2("./1464/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1464/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1464/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1464/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1464/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1464/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1464") = 0 [ 166.253819][ T6492] loop0: detected capacity change from 0 to 4096 [ 166.261867][ T6492] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). mkdir("./1465", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6493 attached , child_tidptr=0x5555568435d0) = 6493 [pid 6493] chdir("./1465") = 0 [pid 6493] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6493] setpgid(0, 0) = 0 [pid 6493] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6493] write(3, "1000", 4) = 4 [pid 6493] close(3) = 0 [pid 6493] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6493] memfd_create("syzkaller", 0) = 3 [pid 6493] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6493] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6493] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6493] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6493] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6493] close(3) = 0 [pid 6493] mkdir("./file0", 0777) = 0 [pid 6493] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6493] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6493] chdir("./file0") = 0 [pid 6493] ioctl(4, LOOP_CLR_FD) = 0 [pid 6493] close(4) = 0 [pid 6493] exit_group(0) = ? [pid 6493] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6493, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1465", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1465", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1465/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1465/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1465/binderfs") = 0 umount2("./1465/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1465/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1465/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1465/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1465/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1465/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1465") = 0 mkdir("./1466", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6494 ./strace-static-x86_64: Process 6494 attached [pid 6494] chdir("./1466") = 0 [pid 6494] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6494] setpgid(0, 0) = 0 [pid 6494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6494] write(3, "1000", 4) = 4 [pid 6494] close(3) = 0 [pid 6494] symlink("/dev/binderfs", "./binderfs") = 0 [ 166.348276][ T6493] loop0: detected capacity change from 0 to 4096 [ 166.356880][ T6493] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6494] memfd_create("syzkaller", 0) = 3 [pid 6494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6494] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6494] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6494] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6494] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6494] close(3) = 0 [pid 6494] mkdir("./file0", 0777) = 0 [pid 6494] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6494] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6494] chdir("./file0") = 0 [pid 6494] ioctl(4, LOOP_CLR_FD) = 0 [pid 6494] close(4) = 0 [pid 6494] exit_group(0) = ? [pid 6494] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6494, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1466", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1466", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1466/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1466/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1466/binderfs") = 0 umount2("./1466/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1466/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1466/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1466/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1466/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1466/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1466") = 0 mkdir("./1467", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 166.433621][ T6494] loop0: detected capacity change from 0 to 4096 [ 166.441977][ T6494] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6495 ./strace-static-x86_64: Process 6495 attached [pid 6495] chdir("./1467") = 0 [pid 6495] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6495] setpgid(0, 0) = 0 [pid 6495] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6495] write(3, "1000", 4) = 4 [pid 6495] close(3) = 0 [pid 6495] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6495] memfd_create("syzkaller", 0) = 3 [pid 6495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6495] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6495] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6495] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6495] close(3) = 0 [pid 6495] mkdir("./file0", 0777) = 0 [pid 6495] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6495] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6495] chdir("./file0") = 0 [pid 6495] ioctl(4, LOOP_CLR_FD) = 0 [pid 6495] close(4) = 0 [pid 6495] exit_group(0) = ? [pid 6495] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6495, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1467", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1467", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1467/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1467/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1467/binderfs") = 0 umount2("./1467/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1467/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1467/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1467/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1467/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1467/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1467") = 0 mkdir("./1468", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6496 ./strace-static-x86_64: Process 6496 attached [pid 6496] chdir("./1468") = 0 [pid 6496] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6496] setpgid(0, 0) = 0 [pid 6496] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6496] write(3, "1000", 4) = 4 [pid 6496] close(3) = 0 [ 166.521850][ T6495] loop0: detected capacity change from 0 to 4096 [ 166.530718][ T6495] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6496] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6496] memfd_create("syzkaller", 0) = 3 [pid 6496] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6496] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6496] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6496] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6496] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6496] close(3) = 0 [pid 6496] mkdir("./file0", 0777) = 0 [pid 6496] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6496] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6496] chdir("./file0") = 0 [pid 6496] ioctl(4, LOOP_CLR_FD) = 0 [pid 6496] close(4) = 0 [pid 6496] exit_group(0) = ? [pid 6496] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6496, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1468", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1468", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1468/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1468/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1468/binderfs") = 0 umount2("./1468/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1468/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1468/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1468/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1468/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1468/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1468") = 0 mkdir("./1469", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6497 ./strace-static-x86_64: Process 6497 attached [pid 6497] chdir("./1469") = 0 [pid 6497] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 166.608459][ T6496] loop0: detected capacity change from 0 to 4096 [ 166.617148][ T6496] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6497] setpgid(0, 0) = 0 [pid 6497] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6497] write(3, "1000", 4) = 4 [pid 6497] close(3) = 0 [pid 6497] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6497] memfd_create("syzkaller", 0) = 3 [pid 6497] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6497] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6497] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6497] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6497] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6497] close(3) = 0 [pid 6497] mkdir("./file0", 0777) = 0 [pid 6497] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6497] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6497] chdir("./file0") = 0 [pid 6497] ioctl(4, LOOP_CLR_FD) = 0 [pid 6497] close(4) = 0 [pid 6497] exit_group(0) = ? [pid 6497] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6497, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1469", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1469", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1469/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1469/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1469/binderfs") = 0 umount2("./1469/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1469/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1469/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1469/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1469/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1469/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1469") = 0 mkdir("./1470", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6498 ./strace-static-x86_64: Process 6498 attached [pid 6498] chdir("./1470") = 0 [pid 6498] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6498] setpgid(0, 0) = 0 [pid 6498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6498] write(3, "1000", 4) = 4 [pid 6498] close(3) = 0 [pid 6498] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6498] memfd_create("syzkaller", 0) = 3 [ 166.697576][ T6497] loop0: detected capacity change from 0 to 4096 [ 166.705879][ T6497] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6498] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6498] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6498] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6498] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6498] close(3) = 0 [pid 6498] mkdir("./file0", 0777) = 0 [pid 6498] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6498] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6498] chdir("./file0") = 0 [pid 6498] ioctl(4, LOOP_CLR_FD) = 0 [pid 6498] close(4) = 0 [pid 6498] exit_group(0) = ? [pid 6498] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6498, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1470", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1470", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1470/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1470/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1470/binderfs") = 0 umount2("./1470/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1470/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1470/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1470/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1470/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1470/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1470") = 0 mkdir("./1471", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 166.777462][ T6498] loop0: detected capacity change from 0 to 4096 [ 166.786245][ T6498] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6499 ./strace-static-x86_64: Process 6499 attached [pid 6499] chdir("./1471") = 0 [pid 6499] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6499] setpgid(0, 0) = 0 [pid 6499] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6499] write(3, "1000", 4) = 4 [pid 6499] close(3) = 0 [pid 6499] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6499] memfd_create("syzkaller", 0) = 3 [pid 6499] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6499] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6499] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6499] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6499] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6499] close(3) = 0 [pid 6499] mkdir("./file0", 0777) = 0 [pid 6499] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6499] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6499] chdir("./file0") = 0 [pid 6499] ioctl(4, LOOP_CLR_FD) = 0 [pid 6499] close(4) = 0 [pid 6499] exit_group(0) = ? [pid 6499] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6499, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1471", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1471", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1471/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1471/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1471/binderfs") = 0 umount2("./1471/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1471/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1471/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1471/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1471/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1471/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1471") = 0 mkdir("./1472", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 166.864213][ T6499] loop0: detected capacity change from 0 to 4096 [ 166.873150][ T6499] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6500 ./strace-static-x86_64: Process 6500 attached [pid 6500] chdir("./1472") = 0 [pid 6500] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6500] setpgid(0, 0) = 0 [pid 6500] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6500] write(3, "1000", 4) = 4 [pid 6500] close(3) = 0 [pid 6500] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6500] memfd_create("syzkaller", 0) = 3 [pid 6500] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6500] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6500] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6500] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6500] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6500] close(3) = 0 [pid 6500] mkdir("./file0", 0777) = 0 [pid 6500] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6500] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6500] chdir("./file0") = 0 [pid 6500] ioctl(4, LOOP_CLR_FD) = 0 [pid 6500] close(4) = 0 [pid 6500] exit_group(0) = ? [pid 6500] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6500, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1472", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1472", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1472/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1472/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1472/binderfs") = 0 umount2("./1472/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1472/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1472/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1472/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1472/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1472/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1472") = 0 mkdir("./1473", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6501 ./strace-static-x86_64: Process 6501 attached [pid 6501] chdir("./1473") = 0 [pid 6501] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6501] setpgid(0, 0) = 0 [pid 6501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6501] write(3, "1000", 4) = 4 [pid 6501] close(3) = 0 [pid 6501] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6501] memfd_create("syzkaller", 0) = 3 [ 166.946884][ T6500] loop0: detected capacity change from 0 to 4096 [ 166.955356][ T6500] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6501] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6501] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6501] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6501] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6501] close(3) = 0 [pid 6501] mkdir("./file0", 0777) = 0 [pid 6501] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6501] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6501] chdir("./file0") = 0 [pid 6501] ioctl(4, LOOP_CLR_FD) = 0 [pid 6501] close(4) = 0 [pid 6501] exit_group(0) = ? [pid 6501] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6501, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1473", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1473", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1473/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1473/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1473/binderfs") = 0 umount2("./1473/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1473/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1473/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1473/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1473/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1473/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1473") = 0 mkdir("./1474", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6502 ./strace-static-x86_64: Process 6502 attached [pid 6502] chdir("./1474") = 0 [pid 6502] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6502] setpgid(0, 0) = 0 [pid 6502] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6502] write(3, "1000", 4) = 4 [pid 6502] close(3) = 0 [pid 6502] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6502] memfd_create("syzkaller", 0) = 3 [pid 6502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 167.030397][ T6501] loop0: detected capacity change from 0 to 4096 [ 167.039292][ T6501] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6502] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6502] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6502] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6502] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6502] close(3) = 0 [pid 6502] mkdir("./file0", 0777) = 0 [pid 6502] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6502] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6502] chdir("./file0") = 0 [pid 6502] ioctl(4, LOOP_CLR_FD) = 0 [pid 6502] close(4) = 0 [pid 6502] exit_group(0) = ? [pid 6502] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6502, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1474", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1474", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1474/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1474/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1474/binderfs") = 0 umount2("./1474/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1474/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1474/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1474/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1474/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1474/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1474") = 0 mkdir("./1475", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6503 ./strace-static-x86_64: Process 6503 attached [ 167.111504][ T6502] loop0: detected capacity change from 0 to 4096 [ 167.120252][ T6502] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6503] chdir("./1475") = 0 [pid 6503] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6503] setpgid(0, 0) = 0 [pid 6503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6503] write(3, "1000", 4) = 4 [pid 6503] close(3) = 0 [pid 6503] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6503] memfd_create("syzkaller", 0) = 3 [pid 6503] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6503] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6503] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6503] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6503] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6503] close(3) = 0 [pid 6503] mkdir("./file0", 0777) = 0 [pid 6503] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6503] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6503] chdir("./file0") = 0 [pid 6503] ioctl(4, LOOP_CLR_FD) = 0 [pid 6503] close(4) = 0 [pid 6503] exit_group(0) = ? [pid 6503] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6503, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1475", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1475", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1475/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1475/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1475/binderfs") = 0 umount2("./1475/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1475/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1475/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1475/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1475/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1475/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1475") = 0 mkdir("./1476", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6504 ./strace-static-x86_64: Process 6504 attached [pid 6504] chdir("./1476") = 0 [pid 6504] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6504] setpgid(0, 0) = 0 [pid 6504] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6504] write(3, "1000", 4) = 4 [pid 6504] close(3) = 0 [ 167.194701][ T6503] loop0: detected capacity change from 0 to 4096 [ 167.203002][ T6503] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6504] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6504] memfd_create("syzkaller", 0) = 3 [pid 6504] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6504] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6504] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6504] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6504] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6504] close(3) = 0 [pid 6504] mkdir("./file0", 0777) = 0 [pid 6504] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6504] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6504] chdir("./file0") = 0 [pid 6504] ioctl(4, LOOP_CLR_FD) = 0 [pid 6504] close(4) = 0 [pid 6504] exit_group(0) = ? [pid 6504] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6504, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1476", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1476", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1476/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1476/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1476/binderfs") = 0 umount2("./1476/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1476/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1476/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1476/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1476/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1476/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1476") = 0 mkdir("./1477", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6505 ./strace-static-x86_64: Process 6505 attached [pid 6505] chdir("./1477") = 0 [pid 6505] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6505] setpgid(0, 0) = 0 [pid 6505] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 167.276409][ T6504] loop0: detected capacity change from 0 to 4096 [ 167.284781][ T6504] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6505] write(3, "1000", 4) = 4 [pid 6505] close(3) = 0 [pid 6505] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6505] memfd_create("syzkaller", 0) = 3 [pid 6505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6505] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6505] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6505] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6505] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6505] close(3) = 0 [pid 6505] mkdir("./file0", 0777) = 0 [pid 6505] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6505] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6505] chdir("./file0") = 0 [pid 6505] ioctl(4, LOOP_CLR_FD) = 0 [pid 6505] close(4) = 0 [pid 6505] exit_group(0) = ? [pid 6505] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6505, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1477", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1477", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1477/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1477/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1477/binderfs") = 0 umount2("./1477/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1477/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1477/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1477/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1477/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1477/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1477") = 0 mkdir("./1478", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6506 ./strace-static-x86_64: Process 6506 attached [pid 6506] chdir("./1478") = 0 [pid 6506] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 167.358740][ T6505] loop0: detected capacity change from 0 to 4096 [ 167.367226][ T6505] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6506] setpgid(0, 0) = 0 [pid 6506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6506] write(3, "1000", 4) = 4 [pid 6506] close(3) = 0 [pid 6506] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6506] memfd_create("syzkaller", 0) = 3 [pid 6506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6506] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6506] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6506] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6506] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6506] close(3) = 0 [pid 6506] mkdir("./file0", 0777) = 0 [pid 6506] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6506] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6506] chdir("./file0") = 0 [pid 6506] ioctl(4, LOOP_CLR_FD) = 0 [pid 6506] close(4) = 0 [pid 6506] exit_group(0) = ? [pid 6506] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6506, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1478", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1478", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1478/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1478/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1478/binderfs") = 0 umount2("./1478/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1478/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1478/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1478/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1478/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1478/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1478") = 0 mkdir("./1479", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6507 attached , child_tidptr=0x5555568435d0) = 6507 [pid 6507] chdir("./1479") = 0 [pid 6507] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6507] setpgid(0, 0) = 0 [pid 6507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6507] write(3, "1000", 4) = 4 [pid 6507] close(3) = 0 [pid 6507] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6507] memfd_create("syzkaller", 0) = 3 [pid 6507] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 167.444941][ T6506] loop0: detected capacity change from 0 to 4096 [ 167.454332][ T6506] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6507] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6507] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6507] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6507] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6507] close(3) = 0 [pid 6507] mkdir("./file0", 0777) = 0 [pid 6507] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6507] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6507] chdir("./file0") = 0 [pid 6507] ioctl(4, LOOP_CLR_FD) = 0 [pid 6507] close(4) = 0 [pid 6507] exit_group(0) = ? [pid 6507] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6507, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1479", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1479", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1479/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1479/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1479/binderfs") = 0 umount2("./1479/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1479/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1479/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1479/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1479/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1479/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1479") = 0 mkdir("./1480", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 167.529568][ T6507] loop0: detected capacity change from 0 to 4096 [ 167.538660][ T6507] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6508 ./strace-static-x86_64: Process 6508 attached [pid 6508] chdir("./1480") = 0 [pid 6508] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6508] setpgid(0, 0) = 0 [pid 6508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6508] write(3, "1000", 4) = 4 [pid 6508] close(3) = 0 [pid 6508] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6508] memfd_create("syzkaller", 0) = 3 [pid 6508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6508] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6508] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6508] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6508] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6508] close(3) = 0 [pid 6508] mkdir("./file0", 0777) = 0 [pid 6508] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6508] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6508] chdir("./file0") = 0 [pid 6508] ioctl(4, LOOP_CLR_FD) = 0 [pid 6508] close(4) = 0 [pid 6508] exit_group(0) = ? [pid 6508] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6508, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1480", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1480", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1480/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1480/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1480/binderfs") = 0 umount2("./1480/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1480/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1480/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1480/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1480/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1480/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1480") = 0 mkdir("./1481", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6509 attached , child_tidptr=0x5555568435d0) = 6509 [ 167.619354][ T6508] loop0: detected capacity change from 0 to 4096 [ 167.628390][ T6508] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6509] chdir("./1481") = 0 [pid 6509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6509] setpgid(0, 0) = 0 [pid 6509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6509] write(3, "1000", 4) = 4 [pid 6509] close(3) = 0 [pid 6509] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6509] memfd_create("syzkaller", 0) = 3 [pid 6509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6509] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6509] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6509] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6509] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6509] close(3) = 0 [pid 6509] mkdir("./file0", 0777) = 0 [pid 6509] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6509] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6509] chdir("./file0") = 0 [pid 6509] ioctl(4, LOOP_CLR_FD) = 0 [pid 6509] close(4) = 0 [pid 6509] exit_group(0) = ? [pid 6509] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6509, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1481", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1481", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1481/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1481/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1481/binderfs") = 0 umount2("./1481/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1481/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1481/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1481/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1481/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1481/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1481") = 0 mkdir("./1482", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6510 ./strace-static-x86_64: Process 6510 attached [pid 6510] chdir("./1482") = 0 [pid 6510] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6510] setpgid(0, 0) = 0 [pid 6510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6510] write(3, "1000", 4) = 4 [pid 6510] close(3) = 0 [pid 6510] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6510] memfd_create("syzkaller", 0) = 3 [pid 6510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 167.702235][ T6509] loop0: detected capacity change from 0 to 4096 [ 167.711440][ T6509] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6510] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6510] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6510] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6510] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6510] close(3) = 0 [pid 6510] mkdir("./file0", 0777) = 0 [pid 6510] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6510] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6510] chdir("./file0") = 0 [pid 6510] ioctl(4, LOOP_CLR_FD) = 0 [pid 6510] close(4) = 0 [pid 6510] exit_group(0) = ? [pid 6510] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6510, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1482", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1482", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1482/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1482/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1482/binderfs") = 0 umount2("./1482/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1482/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1482/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1482/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1482/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1482/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1482") = 0 mkdir("./1483", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6511 ./strace-static-x86_64: Process 6511 attached [pid 6511] chdir("./1483") = 0 [pid 6511] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6511] setpgid(0, 0) = 0 [pid 6511] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6511] write(3, "1000", 4) = 4 [pid 6511] close(3) = 0 [pid 6511] symlink("/dev/binderfs", "./binderfs") = 0 [ 167.784523][ T6510] loop0: detected capacity change from 0 to 4096 [ 167.793521][ T6510] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6511] memfd_create("syzkaller", 0) = 3 [pid 6511] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6511] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6511] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6511] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6511] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6511] close(3) = 0 [pid 6511] mkdir("./file0", 0777) = 0 [pid 6511] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6511] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6511] chdir("./file0") = 0 [pid 6511] ioctl(4, LOOP_CLR_FD) = 0 [pid 6511] close(4) = 0 [pid 6511] exit_group(0) = ? [pid 6511] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6511, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1483", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1483", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1483/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1483/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1483/binderfs") = 0 umount2("./1483/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1483/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1483/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1483/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1483/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1483/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1483") = 0 mkdir("./1484", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6512 ./strace-static-x86_64: Process 6512 attached [pid 6512] chdir("./1484") = 0 [pid 6512] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6512] setpgid(0, 0) = 0 [pid 6512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6512] write(3, "1000", 4) = 4 [pid 6512] close(3) = 0 [pid 6512] symlink("/dev/binderfs", "./binderfs") = 0 [ 167.866738][ T6511] loop0: detected capacity change from 0 to 4096 [ 167.875068][ T6511] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6512] memfd_create("syzkaller", 0) = 3 [pid 6512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6512] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6512] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6512] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6512] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6512] close(3) = 0 [pid 6512] mkdir("./file0", 0777) = 0 [pid 6512] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6512] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6512] chdir("./file0") = 0 [pid 6512] ioctl(4, LOOP_CLR_FD) = 0 [pid 6512] close(4) = 0 [pid 6512] exit_group(0) = ? [pid 6512] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6512, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1484", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1484", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1484/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1484/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1484/binderfs") = 0 umount2("./1484/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1484/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1484/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1484/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1484/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1484/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1484") = 0 mkdir("./1485", 0777) = 0 [ 167.947248][ T6512] loop0: detected capacity change from 0 to 4096 [ 167.955773][ T6512] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6513 ./strace-static-x86_64: Process 6513 attached [pid 6513] chdir("./1485") = 0 [pid 6513] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6513] setpgid(0, 0) = 0 [pid 6513] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6513] write(3, "1000", 4) = 4 [pid 6513] close(3) = 0 [pid 6513] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6513] memfd_create("syzkaller", 0) = 3 [pid 6513] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6513] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6513] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6513] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6513] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6513] close(3) = 0 [pid 6513] mkdir("./file0", 0777) = 0 [pid 6513] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6513] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6513] chdir("./file0") = 0 [pid 6513] ioctl(4, LOOP_CLR_FD) = 0 [pid 6513] close(4) = 0 [pid 6513] exit_group(0) = ? [pid 6513] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6513, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1485", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1485", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1485/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1485/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1485/binderfs") = 0 umount2("./1485/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1485/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1485/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1485/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1485/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1485/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1485") = 0 mkdir("./1486", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6514 ./strace-static-x86_64: Process 6514 attached [pid 6514] chdir("./1486") = 0 [pid 6514] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6514] setpgid(0, 0) = 0 [ 168.036996][ T6513] loop0: detected capacity change from 0 to 4096 [ 168.046401][ T6513] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6514] write(3, "1000", 4) = 4 [pid 6514] close(3) = 0 [pid 6514] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6514] memfd_create("syzkaller", 0) = 3 [pid 6514] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6514] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6514] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6514] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6514] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6514] close(3) = 0 [pid 6514] mkdir("./file0", 0777) = 0 [pid 6514] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6514] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6514] chdir("./file0") = 0 [pid 6514] ioctl(4, LOOP_CLR_FD) = 0 [pid 6514] close(4) = 0 [pid 6514] exit_group(0) = ? [pid 6514] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6514, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1486", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1486", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1486/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1486/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1486/binderfs") = 0 umount2("./1486/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1486/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1486/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1486/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1486/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1486/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1486") = 0 mkdir("./1487", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6515 ./strace-static-x86_64: Process 6515 attached [pid 6515] chdir("./1487") = 0 [pid 6515] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6515] setpgid(0, 0) = 0 [pid 6515] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6515] write(3, "1000", 4) = 4 [pid 6515] close(3) = 0 [pid 6515] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6515] memfd_create("syzkaller", 0) = 3 [pid 6515] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 168.125384][ T6514] loop0: detected capacity change from 0 to 4096 [ 168.133795][ T6514] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6515] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6515] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6515] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6515] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6515] close(3) = 0 [pid 6515] mkdir("./file0", 0777) = 0 [pid 6515] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6515] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6515] chdir("./file0") = 0 [pid 6515] ioctl(4, LOOP_CLR_FD) = 0 [pid 6515] close(4) = 0 [pid 6515] exit_group(0) = ? [pid 6515] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6515, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1487", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1487", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1487/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1487/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1487/binderfs") = 0 umount2("./1487/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1487/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1487/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1487/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1487/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1487/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1487") = 0 mkdir("./1488", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6516 ./strace-static-x86_64: Process 6516 attached [pid 6516] chdir("./1488") = 0 [pid 6516] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6516] setpgid(0, 0) = 0 [pid 6516] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6516] write(3, "1000", 4) = 4 [pid 6516] close(3) = 0 [ 168.207888][ T6515] loop0: detected capacity change from 0 to 4096 [ 168.216630][ T6515] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6516] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6516] memfd_create("syzkaller", 0) = 3 [pid 6516] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6516] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6516] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6516] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6516] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6516] close(3) = 0 [pid 6516] mkdir("./file0", 0777) = 0 [pid 6516] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6516] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6516] chdir("./file0") = 0 [pid 6516] ioctl(4, LOOP_CLR_FD) = 0 [pid 6516] close(4) = 0 [pid 6516] exit_group(0) = ? [pid 6516] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6516, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- umount2("./1488", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1488", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1488/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1488/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1488/binderfs") = 0 umount2("./1488/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1488/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1488/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1488/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1488/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1488/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1488") = 0 mkdir("./1489", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6517 ./strace-static-x86_64: Process 6517 attached [pid 6517] chdir("./1489") = 0 [pid 6517] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6517] setpgid(0, 0) = 0 [pid 6517] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6517] write(3, "1000", 4) = 4 [pid 6517] close(3) = 0 [ 168.297340][ T6516] loop0: detected capacity change from 0 to 4096 [ 168.306330][ T6516] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6517] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6517] memfd_create("syzkaller", 0) = 3 [pid 6517] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6517] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6517] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6517] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6517] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6517] close(3) = 0 [pid 6517] mkdir("./file0", 0777) = 0 [pid 6517] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6517] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6517] chdir("./file0") = 0 [pid 6517] ioctl(4, LOOP_CLR_FD) = 0 [pid 6517] close(4) = 0 [pid 6517] exit_group(0) = ? [pid 6517] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6517, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1489", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1489", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1489/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1489/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1489/binderfs") = 0 umount2("./1489/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1489/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1489/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1489/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1489/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1489/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1489") = 0 mkdir("./1490", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6518 ./strace-static-x86_64: Process 6518 attached [pid 6518] chdir("./1490") = 0 [pid 6518] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6518] setpgid(0, 0) = 0 [pid 6518] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6518] write(3, "1000", 4) = 4 [pid 6518] close(3) = 0 [pid 6518] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6518] memfd_create("syzkaller", 0) = 3 [pid 6518] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 168.379166][ T6517] loop0: detected capacity change from 0 to 4096 [ 168.387733][ T6517] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6518] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6518] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6518] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6518] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6518] close(3) = 0 [pid 6518] mkdir("./file0", 0777) = 0 [pid 6518] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6518] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6518] chdir("./file0") = 0 [pid 6518] ioctl(4, LOOP_CLR_FD) = 0 [pid 6518] close(4) = 0 [pid 6518] exit_group(0) = ? [pid 6518] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6518, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1490", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1490", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1490/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1490/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1490/binderfs") = 0 umount2("./1490/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1490/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1490/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1490/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1490/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1490/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1490") = 0 mkdir("./1491", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6519 ./strace-static-x86_64: Process 6519 attached [ 168.458282][ T6518] loop0: detected capacity change from 0 to 4096 [ 168.467432][ T6518] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6519] chdir("./1491") = 0 [pid 6519] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6519] setpgid(0, 0) = 0 [pid 6519] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6519] write(3, "1000", 4) = 4 [pid 6519] close(3) = 0 [pid 6519] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6519] memfd_create("syzkaller", 0) = 3 [pid 6519] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6519] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6519] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6519] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6519] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6519] close(3) = 0 [pid 6519] mkdir("./file0", 0777) = 0 [pid 6519] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6519] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6519] chdir("./file0") = 0 [pid 6519] ioctl(4, LOOP_CLR_FD) = 0 [pid 6519] close(4) = 0 [pid 6519] exit_group(0) = ? [pid 6519] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6519, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1491", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1491", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1491/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1491/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1491/binderfs") = 0 umount2("./1491/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1491/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1491/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1491/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1491/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1491/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1491") = 0 mkdir("./1492", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6520 ./strace-static-x86_64: Process 6520 attached [pid 6520] chdir("./1492") = 0 [pid 6520] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6520] setpgid(0, 0) = 0 [pid 6520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6520] write(3, "1000", 4) = 4 [pid 6520] close(3) = 0 [ 168.548279][ T6519] loop0: detected capacity change from 0 to 4096 [ 168.557129][ T6519] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6520] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6520] memfd_create("syzkaller", 0) = 3 [pid 6520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6520] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6520] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6520] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6520] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6520] close(3) = 0 [pid 6520] mkdir("./file0", 0777) = 0 [pid 6520] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6520] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6520] chdir("./file0") = 0 [pid 6520] ioctl(4, LOOP_CLR_FD) = 0 [pid 6520] close(4) = 0 [pid 6520] exit_group(0) = ? [pid 6520] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6520, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1492", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1492", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1492/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1492/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1492/binderfs") = 0 umount2("./1492/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1492/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1492/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1492/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1492/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1492/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1492") = 0 mkdir("./1493", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6521 attached , child_tidptr=0x5555568435d0) = 6521 [pid 6521] chdir("./1493") = 0 [pid 6521] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 168.631770][ T6520] loop0: detected capacity change from 0 to 4096 [ 168.640539][ T6520] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6521] setpgid(0, 0) = 0 [pid 6521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6521] write(3, "1000", 4) = 4 [pid 6521] close(3) = 0 [pid 6521] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6521] memfd_create("syzkaller", 0) = 3 [pid 6521] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6521] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6521] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6521] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6521] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6521] close(3) = 0 [pid 6521] mkdir("./file0", 0777) = 0 [pid 6521] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6521] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6521] chdir("./file0") = 0 [pid 6521] ioctl(4, LOOP_CLR_FD) = 0 [pid 6521] close(4) = 0 [pid 6521] exit_group(0) = ? [pid 6521] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6521, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1493", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1493", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1493/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1493/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1493/binderfs") = 0 umount2("./1493/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1493/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1493/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1493/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1493/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1493/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1493") = 0 mkdir("./1494", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6522 ./strace-static-x86_64: Process 6522 attached [pid 6522] chdir("./1494") = 0 [pid 6522] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6522] setpgid(0, 0) = 0 [pid 6522] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6522] write(3, "1000", 4) = 4 [pid 6522] close(3) = 0 [pid 6522] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6522] memfd_create("syzkaller", 0) = 3 [pid 6522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 168.714057][ T6521] loop0: detected capacity change from 0 to 4096 [ 168.722784][ T6521] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6522] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6522] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6522] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6522] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6522] close(3) = 0 [pid 6522] mkdir("./file0", 0777) = 0 [pid 6522] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6522] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6522] chdir("./file0") = 0 [pid 6522] ioctl(4, LOOP_CLR_FD) = 0 [pid 6522] close(4) = 0 [pid 6522] exit_group(0) = ? [pid 6522] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6522, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- umount2("./1494", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1494", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1494/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1494/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1494/binderfs") = 0 umount2("./1494/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1494/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1494/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1494/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1494/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1494/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1494") = 0 mkdir("./1495", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6523 ./strace-static-x86_64: Process 6523 attached [pid 6523] chdir("./1495") = 0 [pid 6523] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6523] setpgid(0, 0) = 0 [pid 6523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6523] write(3, "1000", 4) = 4 [pid 6523] close(3) = 0 [pid 6523] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6523] memfd_create("syzkaller", 0) = 3 [ 168.795661][ T6522] loop0: detected capacity change from 0 to 4096 [ 168.804032][ T6522] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6523] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6523] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6523] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6523] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6523] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6523] close(3) = 0 [pid 6523] mkdir("./file0", 0777) = 0 [pid 6523] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6523] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6523] chdir("./file0") = 0 [pid 6523] ioctl(4, LOOP_CLR_FD) = 0 [pid 6523] close(4) = 0 [pid 6523] exit_group(0) = ? [pid 6523] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6523, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1495", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1495", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1495/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1495/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1495/binderfs") = 0 umount2("./1495/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1495/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1495/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1495/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1495/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1495/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1495") = 0 mkdir("./1496", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6524 ./strace-static-x86_64: Process 6524 attached [pid 6524] chdir("./1496") = 0 [pid 6524] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6524] setpgid(0, 0) = 0 [pid 6524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6524] write(3, "1000", 4) = 4 [pid 6524] close(3) = 0 [pid 6524] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6524] memfd_create("syzkaller", 0) = 3 [pid 6524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 168.878372][ T6523] loop0: detected capacity change from 0 to 4096 [ 168.887273][ T6523] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6524] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6524] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6524] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6524] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6524] close(3) = 0 [pid 6524] mkdir("./file0", 0777) = 0 [pid 6524] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6524] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6524] chdir("./file0") = 0 [pid 6524] ioctl(4, LOOP_CLR_FD) = 0 [pid 6524] close(4) = 0 [pid 6524] exit_group(0) = ? [pid 6524] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6524, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1496", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1496", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1496/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1496/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1496/binderfs") = 0 umount2("./1496/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1496/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1496/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1496/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1496/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1496/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1496") = 0 mkdir("./1497", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6525 ./strace-static-x86_64: Process 6525 attached [pid 6525] chdir("./1497") = 0 [pid 6525] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6525] setpgid(0, 0) = 0 [pid 6525] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6525] write(3, "1000", 4) = 4 [pid 6525] close(3) = 0 [pid 6525] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6525] memfd_create("syzkaller", 0) = 3 [pid 6525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 168.950955][ T6524] loop0: detected capacity change from 0 to 4096 [ 168.959433][ T6524] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6525] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6525] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6525] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6525] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6525] close(3) = 0 [pid 6525] mkdir("./file0", 0777) = 0 [pid 6525] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6525] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6525] chdir("./file0") = 0 [pid 6525] ioctl(4, LOOP_CLR_FD) = 0 [pid 6525] close(4) = 0 [pid 6525] exit_group(0) = ? [pid 6525] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6525, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1497", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1497", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1497/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1497/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1497/binderfs") = 0 umount2("./1497/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1497/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1497/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1497/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1497/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1497/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1497") = 0 mkdir("./1498", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 169.028344][ T6525] loop0: detected capacity change from 0 to 4096 [ 169.037359][ T6525] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6526 ./strace-static-x86_64: Process 6526 attached [pid 6526] chdir("./1498") = 0 [pid 6526] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6526] setpgid(0, 0) = 0 [pid 6526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6526] write(3, "1000", 4) = 4 [pid 6526] close(3) = 0 [pid 6526] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6526] memfd_create("syzkaller", 0) = 3 [pid 6526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6526] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6526] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6526] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6526] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6526] close(3) = 0 [pid 6526] mkdir("./file0", 0777) = 0 [pid 6526] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6526] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6526] chdir("./file0") = 0 [pid 6526] ioctl(4, LOOP_CLR_FD) = 0 [pid 6526] close(4) = 0 [pid 6526] exit_group(0) = ? [pid 6526] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6526, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1498", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1498", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1498/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1498/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1498/binderfs") = 0 umount2("./1498/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1498/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1498/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1498/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1498/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1498/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1498") = 0 mkdir("./1499", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6527 ./strace-static-x86_64: Process 6527 attached [pid 6527] chdir("./1499") = 0 [pid 6527] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6527] setpgid(0, 0) = 0 [pid 6527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6527] write(3, "1000", 4) = 4 [pid 6527] close(3) = 0 [pid 6527] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6527] memfd_create("syzkaller", 0) = 3 [ 169.115416][ T6526] loop0: detected capacity change from 0 to 4096 [ 169.124480][ T6526] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6527] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6527] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6527] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6527] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6527] close(3) = 0 [pid 6527] mkdir("./file0", 0777) = 0 [pid 6527] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6527] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6527] chdir("./file0") = 0 [pid 6527] ioctl(4, LOOP_CLR_FD) = 0 [pid 6527] close(4) = 0 [pid 6527] exit_group(0) = ? [pid 6527] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6527, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1499", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1499", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1499/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1499/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1499/binderfs") = 0 umount2("./1499/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1499/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1499/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1499/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1499/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1499/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1499") = 0 mkdir("./1500", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6528 ./strace-static-x86_64: Process 6528 attached [pid 6528] chdir("./1500") = 0 [ 169.200543][ T6527] loop0: detected capacity change from 0 to 4096 [ 169.209721][ T6527] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6528] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6528] setpgid(0, 0) = 0 [pid 6528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6528] write(3, "1000", 4) = 4 [pid 6528] close(3) = 0 [pid 6528] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6528] memfd_create("syzkaller", 0) = 3 [pid 6528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6528] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6528] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6528] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6528] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6528] close(3) = 0 [pid 6528] mkdir("./file0", 0777) = 0 [pid 6528] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6528] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6528] chdir("./file0") = 0 [pid 6528] ioctl(4, LOOP_CLR_FD) = 0 [pid 6528] close(4) = 0 [pid 6528] exit_group(0) = ? [pid 6528] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6528, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1500", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1500", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1500/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1500/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1500/binderfs") = 0 umount2("./1500/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1500/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1500/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1500/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1500/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1500/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1500") = 0 mkdir("./1501", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6529 ./strace-static-x86_64: Process 6529 attached [pid 6529] chdir("./1501") = 0 [pid 6529] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6529] setpgid(0, 0) = 0 [pid 6529] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6529] write(3, "1000", 4) = 4 [pid 6529] close(3) = 0 [ 169.287797][ T6528] loop0: detected capacity change from 0 to 4096 [ 169.296698][ T6528] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6529] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6529] memfd_create("syzkaller", 0) = 3 [pid 6529] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6529] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6529] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6529] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6529] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6529] close(3) = 0 [pid 6529] mkdir("./file0", 0777) = 0 [pid 6529] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6529] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6529] chdir("./file0") = 0 [pid 6529] ioctl(4, LOOP_CLR_FD) = 0 [pid 6529] close(4) = 0 [pid 6529] exit_group(0) = ? [pid 6529] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6529, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1501", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1501", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1501/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1501/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1501/binderfs") = 0 umount2("./1501/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1501/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1501/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1501/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1501/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1501/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1501") = 0 mkdir("./1502", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6530 ./strace-static-x86_64: Process 6530 attached [pid 6530] chdir("./1502") = 0 [pid 6530] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6530] setpgid(0, 0) = 0 [pid 6530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6530] write(3, "1000", 4) = 4 [pid 6530] close(3) = 0 [pid 6530] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6530] memfd_create("syzkaller", 0) = 3 [pid 6530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 169.368656][ T6529] loop0: detected capacity change from 0 to 4096 [ 169.377526][ T6529] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6530] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6530] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6530] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6530] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6530] close(3) = 0 [pid 6530] mkdir("./file0", 0777) = 0 [pid 6530] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6530] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6530] chdir("./file0") = 0 [pid 6530] ioctl(4, LOOP_CLR_FD) = 0 [pid 6530] close(4) = 0 [pid 6530] exit_group(0) = ? [pid 6530] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6530, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1502", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1502", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1502/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1502/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1502/binderfs") = 0 umount2("./1502/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1502/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1502/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1502/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1502/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 [ 169.448844][ T6530] loop0: detected capacity change from 0 to 4096 [ 169.457461][ T6530] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(4) = 0 rmdir("./1502/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1502") = 0 mkdir("./1503", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6531 ./strace-static-x86_64: Process 6531 attached [pid 6531] chdir("./1503") = 0 [pid 6531] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6531] setpgid(0, 0) = 0 [pid 6531] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6531] write(3, "1000", 4) = 4 [pid 6531] close(3) = 0 [pid 6531] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6531] memfd_create("syzkaller", 0) = 3 [pid 6531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6531] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6531] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6531] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6531] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6531] close(3) = 0 [pid 6531] mkdir("./file0", 0777) = 0 [pid 6531] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6531] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6531] chdir("./file0") = 0 [pid 6531] ioctl(4, LOOP_CLR_FD) = 0 [pid 6531] close(4) = 0 [pid 6531] exit_group(0) = ? [pid 6531] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6531, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1503", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1503", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1503/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1503/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1503/binderfs") = 0 umount2("./1503/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1503/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1503/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1503/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1503/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1503/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1503") = 0 mkdir("./1504", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6532 ./strace-static-x86_64: Process 6532 attached [pid 6532] chdir("./1504") = 0 [pid 6532] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6532] setpgid(0, 0) = 0 [ 169.544833][ T6531] loop0: detected capacity change from 0 to 4096 [ 169.554192][ T6531] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6532] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6532] write(3, "1000", 4) = 4 [pid 6532] close(3) = 0 [pid 6532] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6532] memfd_create("syzkaller", 0) = 3 [pid 6532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6532] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6532] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6532] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6532] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6532] close(3) = 0 [pid 6532] mkdir("./file0", 0777) = 0 [pid 6532] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6532] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6532] chdir("./file0") = 0 [pid 6532] ioctl(4, LOOP_CLR_FD) = 0 [pid 6532] close(4) = 0 [pid 6532] exit_group(0) = ? [pid 6532] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6532, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1504", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1504", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1504/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1504/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1504/binderfs") = 0 umount2("./1504/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1504/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1504/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1504/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1504/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1504/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1504") = 0 mkdir("./1505", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6533 ./strace-static-x86_64: Process 6533 attached [pid 6533] chdir("./1505") = 0 [pid 6533] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6533] setpgid(0, 0) = 0 [pid 6533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6533] write(3, "1000", 4) = 4 [pid 6533] close(3) = 0 [pid 6533] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6533] memfd_create("syzkaller", 0) = 3 [pid 6533] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 169.631099][ T6532] loop0: detected capacity change from 0 to 4096 [ 169.650160][ T6532] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6533] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6533] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6533] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6533] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6533] close(3) = 0 [pid 6533] mkdir("./file0", 0777) = 0 [pid 6533] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6533] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6533] chdir("./file0") = 0 [pid 6533] ioctl(4, LOOP_CLR_FD) = 0 [pid 6533] close(4) = 0 [pid 6533] exit_group(0) = ? [pid 6533] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6533, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1505", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1505", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1505/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1505/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1505/binderfs") = 0 umount2("./1505/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1505/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1505/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1505/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1505/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1505/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1505") = 0 mkdir("./1506", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6534 ./strace-static-x86_64: Process 6534 attached [ 169.727468][ T6533] loop0: detected capacity change from 0 to 4096 [ 169.736889][ T6533] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6534] chdir("./1506") = 0 [pid 6534] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6534] setpgid(0, 0) = 0 [pid 6534] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6534] write(3, "1000", 4) = 4 [pid 6534] close(3) = 0 [pid 6534] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6534] memfd_create("syzkaller", 0) = 3 [pid 6534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6534] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6534] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6534] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6534] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6534] close(3) = 0 [pid 6534] mkdir("./file0", 0777) = 0 [pid 6534] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6534] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6534] chdir("./file0") = 0 [pid 6534] ioctl(4, LOOP_CLR_FD) = 0 [pid 6534] close(4) = 0 [pid 6534] exit_group(0) = ? [pid 6534] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6534, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1506", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1506", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1506/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1506/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1506/binderfs") = 0 umount2("./1506/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1506/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1506/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1506/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1506/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1506/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1506") = 0 mkdir("./1507", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 169.815687][ T6534] loop0: detected capacity change from 0 to 4096 [ 169.825141][ T6534] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6535 ./strace-static-x86_64: Process 6535 attached [pid 6535] chdir("./1507") = 0 [pid 6535] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6535] setpgid(0, 0) = 0 [pid 6535] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6535] write(3, "1000", 4) = 4 [pid 6535] close(3) = 0 [pid 6535] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6535] memfd_create("syzkaller", 0) = 3 [pid 6535] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6535] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6535] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6535] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6535] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6535] close(3) = 0 [pid 6535] mkdir("./file0", 0777) = 0 [pid 6535] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6535] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6535] chdir("./file0") = 0 [pid 6535] ioctl(4, LOOP_CLR_FD) = 0 [pid 6535] close(4) = 0 [pid 6535] exit_group(0) = ? [pid 6535] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6535, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1507", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1507", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1507/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1507/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1507/binderfs") = 0 umount2("./1507/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1507/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1507/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1507/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1507/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1507/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1507") = 0 mkdir("./1508", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6536 ./strace-static-x86_64: Process 6536 attached [pid 6536] chdir("./1508") = 0 [pid 6536] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6536] setpgid(0, 0) = 0 [pid 6536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6536] write(3, "1000", 4) = 4 [pid 6536] close(3) = 0 [pid 6536] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6536] memfd_create("syzkaller", 0) = 3 [pid 6536] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 169.931079][ T6535] loop0: detected capacity change from 0 to 4096 [ 169.939765][ T6535] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6536] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6536] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6536] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6536] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6536] close(3) = 0 [pid 6536] mkdir("./file0", 0777) = 0 [pid 6536] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6536] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6536] chdir("./file0") = 0 [pid 6536] ioctl(4, LOOP_CLR_FD) = 0 [pid 6536] close(4) = 0 [pid 6536] exit_group(0) = ? [pid 6536] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6536, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1508", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1508", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1508/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1508/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1508/binderfs") = 0 umount2("./1508/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1508/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1508/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1508/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1508/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1508/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1508") = 0 mkdir("./1509", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6537 ./strace-static-x86_64: Process 6537 attached [pid 6537] chdir("./1509") = 0 [pid 6537] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6537] setpgid(0, 0) = 0 [pid 6537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6537] write(3, "1000", 4) = 4 [pid 6537] close(3) = 0 [pid 6537] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6537] memfd_create("syzkaller", 0) = 3 [pid 6537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 170.011880][ T6536] loop0: detected capacity change from 0 to 4096 [ 170.020380][ T6536] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6537] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6537] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6537] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6537] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6537] close(3) = 0 [pid 6537] mkdir("./file0", 0777) = 0 [pid 6537] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6537] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6537] chdir("./file0") = 0 [pid 6537] ioctl(4, LOOP_CLR_FD) = 0 [pid 6537] close(4) = 0 [pid 6537] exit_group(0) = ? [pid 6537] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6537, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1509", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1509", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1509/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1509/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1509/binderfs") = 0 umount2("./1509/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1509/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1509/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1509/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1509/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1509/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1509") = 0 mkdir("./1510", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 170.089587][ T6537] loop0: detected capacity change from 0 to 4096 [ 170.098463][ T6537] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6538 ./strace-static-x86_64: Process 6538 attached [pid 6538] chdir("./1510") = 0 [pid 6538] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6538] setpgid(0, 0) = 0 [pid 6538] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6538] write(3, "1000", 4) = 4 [pid 6538] close(3) = 0 [pid 6538] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6538] memfd_create("syzkaller", 0) = 3 [pid 6538] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6538] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6538] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6538] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6538] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6538] close(3) = 0 [pid 6538] mkdir("./file0", 0777) = 0 [pid 6538] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6538] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6538] chdir("./file0") = 0 [pid 6538] ioctl(4, LOOP_CLR_FD) = 0 [pid 6538] close(4) = 0 [pid 6538] exit_group(0) = ? [pid 6538] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6538, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1510", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1510", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1510/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1510/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1510/binderfs") = 0 umount2("./1510/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1510/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1510/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1510/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1510/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1510/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1510") = 0 mkdir("./1511", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6539 [ 170.178326][ T6538] loop0: detected capacity change from 0 to 4096 [ 170.187308][ T6538] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 6539 attached [pid 6539] chdir("./1511") = 0 [pid 6539] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6539] setpgid(0, 0) = 0 [pid 6539] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6539] write(3, "1000", 4) = 4 [pid 6539] close(3) = 0 [pid 6539] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6539] memfd_create("syzkaller", 0) = 3 [pid 6539] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6539] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6539] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6539] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6539] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6539] close(3) = 0 [pid 6539] mkdir("./file0", 0777) = 0 [pid 6539] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6539] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6539] chdir("./file0") = 0 [pid 6539] ioctl(4, LOOP_CLR_FD) = 0 [pid 6539] close(4) = 0 [pid 6539] exit_group(0) = ? [pid 6539] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6539, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1511", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1511", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1511/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1511/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1511/binderfs") = 0 umount2("./1511/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1511/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1511/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1511/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1511/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1511/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1511") = 0 mkdir("./1512", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6540 attached , child_tidptr=0x5555568435d0) = 6540 [pid 6540] chdir("./1512") = 0 [pid 6540] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6540] setpgid(0, 0) = 0 [pid 6540] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6540] write(3, "1000", 4) = 4 [pid 6540] close(3) = 0 [pid 6540] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6540] memfd_create("syzkaller", 0) = 3 [ 170.272256][ T6539] loop0: detected capacity change from 0 to 4096 [ 170.280382][ T6539] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6540] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6540] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6540] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6540] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6540] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6540] close(3) = 0 [pid 6540] mkdir("./file0", 0777) = 0 [pid 6540] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6540] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6540] chdir("./file0") = 0 [pid 6540] ioctl(4, LOOP_CLR_FD) = 0 [pid 6540] close(4) = 0 [pid 6540] exit_group(0) = ? [pid 6540] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6540, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1512", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1512", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1512/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1512/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1512/binderfs") = 0 umount2("./1512/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1512/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1512/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1512/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1512/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1512/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1512") = 0 mkdir("./1513", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6541 ./strace-static-x86_64: Process 6541 attached [pid 6541] chdir("./1513") = 0 [pid 6541] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6541] setpgid(0, 0) = 0 [pid 6541] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6541] write(3, "1000", 4) = 4 [pid 6541] close(3) = 0 [pid 6541] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6541] memfd_create("syzkaller", 0) = 3 [pid 6541] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 170.357359][ T6540] loop0: detected capacity change from 0 to 4096 [ 170.366287][ T6540] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6541] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6541] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6541] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6541] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6541] close(3) = 0 [pid 6541] mkdir("./file0", 0777) = 0 [pid 6541] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6541] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6541] chdir("./file0") = 0 [pid 6541] ioctl(4, LOOP_CLR_FD) = 0 [pid 6541] close(4) = 0 [pid 6541] exit_group(0) = ? [pid 6541] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6541, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1513", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1513", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1513/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1513/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1513/binderfs") = 0 umount2("./1513/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1513/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1513/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1513/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1513/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1513/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1513") = 0 mkdir("./1514", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6542 ./strace-static-x86_64: Process 6542 attached [pid 6542] chdir("./1514") = 0 [pid 6542] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6542] setpgid(0, 0) = 0 [pid 6542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6542] write(3, "1000", 4) = 4 [pid 6542] close(3) = 0 [pid 6542] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6542] memfd_create("syzkaller", 0) = 3 [pid 6542] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 170.440542][ T6541] loop0: detected capacity change from 0 to 4096 [ 170.449504][ T6541] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6542] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6542] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6542] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6542] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6542] close(3) = 0 [pid 6542] mkdir("./file0", 0777) = 0 [pid 6542] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6542] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6542] chdir("./file0") = 0 [pid 6542] ioctl(4, LOOP_CLR_FD) = 0 [pid 6542] close(4) = 0 [pid 6542] exit_group(0) = ? [pid 6542] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6542, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1514", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1514", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1514/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1514/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1514/binderfs") = 0 umount2("./1514/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1514/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1514/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1514/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1514/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1514/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1514") = 0 mkdir("./1515", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6543 ./strace-static-x86_64: Process 6543 attached [pid 6543] chdir("./1515") = 0 [pid 6543] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6543] setpgid(0, 0) = 0 [pid 6543] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6543] write(3, "1000", 4) = 4 [pid 6543] close(3) = 0 [pid 6543] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6543] memfd_create("syzkaller", 0) = 3 [pid 6543] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 170.521641][ T6542] loop0: detected capacity change from 0 to 4096 [ 170.530373][ T6542] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6543] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6543] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6543] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6543] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6543] close(3) = 0 [pid 6543] mkdir("./file0", 0777) = 0 [pid 6543] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6543] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6543] chdir("./file0") = 0 [pid 6543] ioctl(4, LOOP_CLR_FD) = 0 [pid 6543] close(4) = 0 [pid 6543] exit_group(0) = ? [pid 6543] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6543, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1515", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1515", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1515/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1515/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1515/binderfs") = 0 umount2("./1515/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1515/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1515/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1515/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1515/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1515/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1515") = 0 mkdir("./1516", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6544 ./strace-static-x86_64: Process 6544 attached [pid 6544] chdir("./1516") = 0 [pid 6544] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6544] setpgid(0, 0) = 0 [pid 6544] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6544] write(3, "1000", 4) = 4 [pid 6544] close(3) = 0 [pid 6544] symlink("/dev/binderfs", "./binderfs") = 0 [ 170.604403][ T6543] loop0: detected capacity change from 0 to 4096 [ 170.613341][ T6543] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6544] memfd_create("syzkaller", 0) = 3 [pid 6544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6544] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6544] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6544] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6544] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6544] close(3) = 0 [pid 6544] mkdir("./file0", 0777) = 0 [pid 6544] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6544] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6544] chdir("./file0") = 0 [pid 6544] ioctl(4, LOOP_CLR_FD) = 0 [pid 6544] close(4) = 0 [pid 6544] exit_group(0) = ? [pid 6544] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6544, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1516", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1516", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1516/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1516/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1516/binderfs") = 0 umount2("./1516/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1516/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1516/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1516/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1516/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1516/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 170.690575][ T6544] loop0: detected capacity change from 0 to 4096 [ 170.699335][ T6544] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./1516") = 0 mkdir("./1517", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6545 ./strace-static-x86_64: Process 6545 attached [pid 6545] chdir("./1517") = 0 [pid 6545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6545] setpgid(0, 0) = 0 [pid 6545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6545] write(3, "1000", 4) = 4 [pid 6545] close(3) = 0 [pid 6545] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6545] memfd_create("syzkaller", 0) = 3 [pid 6545] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6545] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6545] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6545] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6545] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6545] close(3) = 0 [pid 6545] mkdir("./file0", 0777) = 0 [pid 6545] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6545] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6545] chdir("./file0") = 0 [pid 6545] ioctl(4, LOOP_CLR_FD) = 0 [pid 6545] close(4) = 0 [pid 6545] exit_group(0) = ? [pid 6545] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6545, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1517", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1517", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1517/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1517/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1517/binderfs") = 0 umount2("./1517/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1517/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1517/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1517/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1517/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1517/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1517") = 0 mkdir("./1518", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6546 ./strace-static-x86_64: Process 6546 attached [pid 6546] chdir("./1518") = 0 [pid 6546] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6546] setpgid(0, 0) = 0 [pid 6546] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 170.788106][ T6545] loop0: detected capacity change from 0 to 4096 [ 170.797302][ T6545] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6546] write(3, "1000", 4) = 4 [pid 6546] close(3) = 0 [pid 6546] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6546] memfd_create("syzkaller", 0) = 3 [pid 6546] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6546] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6546] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6546] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6546] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6546] close(3) = 0 [pid 6546] mkdir("./file0", 0777) = 0 [pid 6546] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6546] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6546] chdir("./file0") = 0 [pid 6546] ioctl(4, LOOP_CLR_FD) = 0 [pid 6546] close(4) = 0 [pid 6546] exit_group(0) = ? [pid 6546] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6546, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1518", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1518", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1518/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1518/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1518/binderfs") = 0 umount2("./1518/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1518/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1518/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1518/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1518/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1518/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1518") = 0 mkdir("./1519", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6547 attached , child_tidptr=0x5555568435d0) = 6547 [pid 6547] chdir("./1519") = 0 [pid 6547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6547] setpgid(0, 0) = 0 [pid 6547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6547] write(3, "1000", 4) = 4 [pid 6547] close(3) = 0 [pid 6547] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6547] memfd_create("syzkaller", 0) = 3 [pid 6547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 170.874373][ T6546] loop0: detected capacity change from 0 to 4096 [ 170.883483][ T6546] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6547] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6547] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6547] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6547] close(3) = 0 [pid 6547] mkdir("./file0", 0777) = 0 [pid 6547] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6547] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6547] chdir("./file0") = 0 [pid 6547] ioctl(4, LOOP_CLR_FD) = 0 [pid 6547] close(4) = 0 [pid 6547] exit_group(0) = ? [pid 6547] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6547, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1519", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1519", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1519/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1519/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1519/binderfs") = 0 umount2("./1519/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1519/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1519/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1519/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1519/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1519/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1519") = 0 mkdir("./1520", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6548 ./strace-static-x86_64: Process 6548 attached [pid 6548] chdir("./1520") = 0 [pid 6548] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6548] setpgid(0, 0) = 0 [pid 6548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6548] write(3, "1000", 4) = 4 [pid 6548] close(3) = 0 [pid 6548] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6548] memfd_create("syzkaller", 0) = 3 [pid 6548] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 170.961970][ T6547] loop0: detected capacity change from 0 to 4096 [ 170.970940][ T6547] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6548] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6548] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6548] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6548] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6548] close(3) = 0 [pid 6548] mkdir("./file0", 0777) = 0 [pid 6548] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6548] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6548] chdir("./file0") = 0 [pid 6548] ioctl(4, LOOP_CLR_FD) = 0 [pid 6548] close(4) = 0 [pid 6548] exit_group(0) = ? [pid 6548] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6548, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1520", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1520", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1520/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1520/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1520/binderfs") = 0 umount2("./1520/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1520/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1520/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1520/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1520/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1520/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1520") = 0 mkdir("./1521", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6549 ./strace-static-x86_64: Process 6549 attached [pid 6549] chdir("./1521") = 0 [pid 6549] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6549] setpgid(0, 0) = 0 [pid 6549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6549] write(3, "1000", 4) = 4 [pid 6549] close(3) = 0 [ 171.048263][ T6548] loop0: detected capacity change from 0 to 4096 [ 171.056888][ T6548] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6549] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6549] memfd_create("syzkaller", 0) = 3 [pid 6549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6549] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6549] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6549] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6549] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6549] close(3) = 0 [pid 6549] mkdir("./file0", 0777) = 0 [pid 6549] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6549] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6549] chdir("./file0") = 0 [pid 6549] ioctl(4, LOOP_CLR_FD) = 0 [pid 6549] close(4) = 0 [pid 6549] exit_group(0) = ? [pid 6549] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6549, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1521", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1521", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1521/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1521/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1521/binderfs") = 0 umount2("./1521/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1521/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1521/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1521/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1521/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1521/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1521") = 0 mkdir("./1522", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6550 ./strace-static-x86_64: Process 6550 attached [pid 6550] chdir("./1522") = 0 [pid 6550] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6550] setpgid(0, 0) = 0 [pid 6550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6550] write(3, "1000", 4) = 4 [ 171.131474][ T6549] loop0: detected capacity change from 0 to 4096 [ 171.140126][ T6549] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6550] close(3) = 0 [pid 6550] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6550] memfd_create("syzkaller", 0) = 3 [pid 6550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6550] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6550] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6550] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6550] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6550] close(3) = 0 [pid 6550] mkdir("./file0", 0777) = 0 [pid 6550] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6550] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6550] chdir("./file0") = 0 [pid 6550] ioctl(4, LOOP_CLR_FD) = 0 [pid 6550] close(4) = 0 [pid 6550] exit_group(0) = ? [pid 6550] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6550, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1522", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1522", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1522/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1522/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1522/binderfs") = 0 umount2("./1522/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1522/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1522/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1522/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1522/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1522/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1522") = 0 mkdir("./1523", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6551 ./strace-static-x86_64: Process 6551 attached [pid 6551] chdir("./1523") = 0 [pid 6551] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6551] setpgid(0, 0) = 0 [pid 6551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6551] write(3, "1000", 4) = 4 [pid 6551] close(3) = 0 [pid 6551] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6551] memfd_create("syzkaller", 0) = 3 [pid 6551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 171.221356][ T6550] loop0: detected capacity change from 0 to 4096 [ 171.230728][ T6550] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6551] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6551] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6551] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6551] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6551] close(3) = 0 [pid 6551] mkdir("./file0", 0777) = 0 [pid 6551] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6551] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6551] chdir("./file0") = 0 [pid 6551] ioctl(4, LOOP_CLR_FD) = 0 [pid 6551] close(4) = 0 [pid 6551] exit_group(0) = ? [pid 6551] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6551, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1523", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1523", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1523/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1523/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1523/binderfs") = 0 umount2("./1523/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1523/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1523/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1523/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1523/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1523/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1523") = 0 mkdir("./1524", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6552 ./strace-static-x86_64: Process 6552 attached [pid 6552] chdir("./1524") = 0 [pid 6552] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6552] setpgid(0, 0) = 0 [pid 6552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 171.303398][ T6551] loop0: detected capacity change from 0 to 4096 [ 171.312255][ T6551] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6552] write(3, "1000", 4) = 4 [pid 6552] close(3) = 0 [pid 6552] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6552] memfd_create("syzkaller", 0) = 3 [pid 6552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6552] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6552] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6552] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6552] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6552] close(3) = 0 [pid 6552] mkdir("./file0", 0777) = 0 [pid 6552] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6552] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6552] chdir("./file0") = 0 [pid 6552] ioctl(4, LOOP_CLR_FD) = 0 [pid 6552] close(4) = 0 [pid 6552] exit_group(0) = ? [pid 6552] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6552, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1524", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1524", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1524/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1524/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1524/binderfs") = 0 umount2("./1524/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1524/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1524/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1524/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1524/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1524/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1524") = 0 mkdir("./1525", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6553 attached , child_tidptr=0x5555568435d0) = 6553 [pid 6553] chdir("./1525") = 0 [pid 6553] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6553] setpgid(0, 0) = 0 [pid 6553] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6553] write(3, "1000", 4) = 4 [pid 6553] close(3) = 0 [pid 6553] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6553] memfd_create("syzkaller", 0) = 3 [pid 6553] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 171.388366][ T6552] loop0: detected capacity change from 0 to 4096 [ 171.397037][ T6552] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6553] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6553] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6553] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6553] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6553] close(3) = 0 [pid 6553] mkdir("./file0", 0777) = 0 [pid 6553] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6553] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6553] chdir("./file0") = 0 [pid 6553] ioctl(4, LOOP_CLR_FD) = 0 [pid 6553] close(4) = 0 [pid 6553] exit_group(0) = ? [pid 6553] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6553, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1525", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1525", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1525/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1525/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1525/binderfs") = 0 umount2("./1525/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1525/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1525/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1525/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1525/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1525/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 171.470081][ T6553] loop0: detected capacity change from 0 to 4096 [ 171.479395][ T6553] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./1525") = 0 mkdir("./1526", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6554 ./strace-static-x86_64: Process 6554 attached [pid 6554] chdir("./1526") = 0 [pid 6554] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6554] setpgid(0, 0) = 0 [pid 6554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6554] write(3, "1000", 4) = 4 [pid 6554] close(3) = 0 [pid 6554] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6554] memfd_create("syzkaller", 0) = 3 [pid 6554] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6554] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6554] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6554] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6554] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6554] close(3) = 0 [pid 6554] mkdir("./file0", 0777) = 0 [pid 6554] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6554] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6554] chdir("./file0") = 0 [pid 6554] ioctl(4, LOOP_CLR_FD) = 0 [pid 6554] close(4) = 0 [pid 6554] exit_group(0) = ? [pid 6554] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6554, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1526", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1526", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1526/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1526/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1526/binderfs") = 0 umount2("./1526/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1526/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1526/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1526/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1526/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1526/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1526") = 0 mkdir("./1527", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 171.565640][ T6554] loop0: detected capacity change from 0 to 4096 [ 171.574310][ T6554] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6555 ./strace-static-x86_64: Process 6555 attached [pid 6555] chdir("./1527") = 0 [pid 6555] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6555] setpgid(0, 0) = 0 [pid 6555] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6555] write(3, "1000", 4) = 4 [pid 6555] close(3) = 0 [pid 6555] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6555] memfd_create("syzkaller", 0) = 3 [pid 6555] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6555] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6555] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6555] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6555] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6555] close(3) = 0 [pid 6555] mkdir("./file0", 0777) = 0 [pid 6555] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6555] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6555] chdir("./file0") = 0 [pid 6555] ioctl(4, LOOP_CLR_FD) = 0 [pid 6555] close(4) = 0 [pid 6555] exit_group(0) = ? [pid 6555] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6555, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1527", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1527", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1527/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1527/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1527/binderfs") = 0 umount2("./1527/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1527/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1527/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1527/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1527/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1527/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1527") = 0 mkdir("./1528", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6556 ./strace-static-x86_64: Process 6556 attached [pid 6556] chdir("./1528") = 0 [pid 6556] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6556] setpgid(0, 0) = 0 [pid 6556] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6556] write(3, "1000", 4) = 4 [pid 6556] close(3) = 0 [pid 6556] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6556] memfd_create("syzkaller", 0) = 3 [ 171.651279][ T6555] loop0: detected capacity change from 0 to 4096 [ 171.659902][ T6555] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6556] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6556] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6556] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6556] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6556] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6556] close(3) = 0 [pid 6556] mkdir("./file0", 0777) = 0 [pid 6556] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6556] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6556] chdir("./file0") = 0 [pid 6556] ioctl(4, LOOP_CLR_FD) = 0 [pid 6556] close(4) = 0 [pid 6556] exit_group(0) = ? [pid 6556] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6556, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1528", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1528", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1528/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1528/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1528/binderfs") = 0 umount2("./1528/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1528/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1528/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1528/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1528/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1528/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1528") = 0 mkdir("./1529", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 171.738847][ T6556] loop0: detected capacity change from 0 to 4096 [ 171.747584][ T6556] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6557 ./strace-static-x86_64: Process 6557 attached [pid 6557] chdir("./1529") = 0 [pid 6557] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6557] setpgid(0, 0) = 0 [pid 6557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6557] write(3, "1000", 4) = 4 [pid 6557] close(3) = 0 [pid 6557] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6557] memfd_create("syzkaller", 0) = 3 [pid 6557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6557] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6557] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6557] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6557] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6557] close(3) = 0 [pid 6557] mkdir("./file0", 0777) = 0 [pid 6557] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6557] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6557] chdir("./file0") = 0 [pid 6557] ioctl(4, LOOP_CLR_FD) = 0 [pid 6557] close(4) = 0 [pid 6557] exit_group(0) = ? [pid 6557] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6557, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1529", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1529", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1529/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1529/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1529/binderfs") = 0 umount2("./1529/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1529/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1529/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1529/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1529/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1529/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1529") = 0 mkdir("./1530", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6558 ./strace-static-x86_64: Process 6558 attached [pid 6558] chdir("./1530") = 0 [pid 6558] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6558] setpgid(0, 0) = 0 [pid 6558] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6558] write(3, "1000", 4) = 4 [pid 6558] close(3) = 0 [ 171.825017][ T6557] loop0: detected capacity change from 0 to 4096 [ 171.834095][ T6557] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6558] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6558] memfd_create("syzkaller", 0) = 3 [pid 6558] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6558] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6558] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6558] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6558] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6558] close(3) = 0 [pid 6558] mkdir("./file0", 0777) = 0 [pid 6558] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6558] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6558] chdir("./file0") = 0 [pid 6558] ioctl(4, LOOP_CLR_FD) = 0 [pid 6558] close(4) = 0 [pid 6558] exit_group(0) = ? [pid 6558] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6558, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1530", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1530", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1530/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1530/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1530/binderfs") = 0 umount2("./1530/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1530/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1530/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1530/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1530/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1530/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1530") = 0 mkdir("./1531", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6559 ./strace-static-x86_64: Process 6559 attached [pid 6559] chdir("./1531") = 0 [pid 6559] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6559] setpgid(0, 0) = 0 [pid 6559] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6559] write(3, "1000", 4) = 4 [pid 6559] close(3) = 0 [ 171.911622][ T6558] loop0: detected capacity change from 0 to 4096 [ 171.920383][ T6558] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6559] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6559] memfd_create("syzkaller", 0) = 3 [pid 6559] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6559] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6559] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6559] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6559] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6559] close(3) = 0 [pid 6559] mkdir("./file0", 0777) = 0 [pid 6559] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6559] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6559] chdir("./file0") = 0 [pid 6559] ioctl(4, LOOP_CLR_FD) = 0 [pid 6559] close(4) = 0 [pid 6559] exit_group(0) = ? [pid 6559] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6559, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1531", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1531", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1531/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1531/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1531/binderfs") = 0 umount2("./1531/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1531/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1531/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1531/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1531/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1531/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1531") = 0 mkdir("./1532", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 171.993629][ T6559] loop0: detected capacity change from 0 to 4096 [ 172.002563][ T6559] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6560 ./strace-static-x86_64: Process 6560 attached [pid 6560] chdir("./1532") = 0 [pid 6560] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6560] setpgid(0, 0) = 0 [pid 6560] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6560] write(3, "1000", 4) = 4 [pid 6560] close(3) = 0 [pid 6560] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6560] memfd_create("syzkaller", 0) = 3 [pid 6560] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6560] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6560] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6560] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6560] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6560] close(3) = 0 [pid 6560] mkdir("./file0", 0777) = 0 [pid 6560] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6560] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6560] chdir("./file0") = 0 [pid 6560] ioctl(4, LOOP_CLR_FD) = 0 [pid 6560] close(4) = 0 [pid 6560] exit_group(0) = ? [pid 6560] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6560, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1532", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1532", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1532/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1532/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1532/binderfs") = 0 umount2("./1532/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1532/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1532/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1532/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1532/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1532/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1532") = 0 mkdir("./1533", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6561 attached , child_tidptr=0x5555568435d0) = 6561 [pid 6561] chdir("./1533") = 0 [pid 6561] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6561] setpgid(0, 0) = 0 [pid 6561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6561] write(3, "1000", 4) = 4 [pid 6561] close(3) = 0 [pid 6561] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6561] memfd_create("syzkaller", 0) = 3 [pid 6561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 172.085469][ T6560] loop0: detected capacity change from 0 to 4096 [ 172.094058][ T6560] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6561] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6561] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6561] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6561] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6561] close(3) = 0 [pid 6561] mkdir("./file0", 0777) = 0 [pid 6561] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6561] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6561] chdir("./file0") = 0 [pid 6561] ioctl(4, LOOP_CLR_FD) = 0 [pid 6561] close(4) = 0 [pid 6561] exit_group(0) = ? [pid 6561] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6561, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1533", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1533", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1533/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1533/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1533/binderfs") = 0 umount2("./1533/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1533/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1533/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1533/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1533/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1533/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1533") = 0 mkdir("./1534", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6562 ./strace-static-x86_64: Process 6562 attached [pid 6562] chdir("./1534") = 0 [pid 6562] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6562] setpgid(0, 0) = 0 [pid 6562] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6562] write(3, "1000", 4) = 4 [pid 6562] close(3) = 0 [pid 6562] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6562] memfd_create("syzkaller", 0) = 3 [pid 6562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 172.160424][ T6561] loop0: detected capacity change from 0 to 4096 [ 172.168983][ T6561] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6562] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6562] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6562] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6562] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6562] close(3) = 0 [pid 6562] mkdir("./file0", 0777) = 0 [pid 6562] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6562] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6562] chdir("./file0") = 0 [pid 6562] ioctl(4, LOOP_CLR_FD) = 0 [pid 6562] close(4) = 0 [pid 6562] exit_group(0) = ? [pid 6562] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6562, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1534", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1534", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1534/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1534/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1534/binderfs") = 0 umount2("./1534/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1534/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1534/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1534/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1534/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1534/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1534") = 0 mkdir("./1535", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6563 ./strace-static-x86_64: Process 6563 attached [pid 6563] chdir("./1535") = 0 [pid 6563] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6563] setpgid(0, 0) = 0 [ 172.233897][ T6562] loop0: detected capacity change from 0 to 4096 [ 172.242161][ T6562] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6563] write(3, "1000", 4) = 4 [pid 6563] close(3) = 0 [pid 6563] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6563] memfd_create("syzkaller", 0) = 3 [pid 6563] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6563] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6563] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6563] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6563] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6563] close(3) = 0 [pid 6563] mkdir("./file0", 0777) = 0 [pid 6563] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6563] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6563] chdir("./file0") = 0 [pid 6563] ioctl(4, LOOP_CLR_FD) = 0 [pid 6563] close(4) = 0 [pid 6563] exit_group(0) = ? [pid 6563] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6563, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1535", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1535", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1535/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1535/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1535/binderfs") = 0 umount2("./1535/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1535/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1535/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1535/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1535/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1535/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1535") = 0 mkdir("./1536", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6564 ./strace-static-x86_64: Process 6564 attached [pid 6564] chdir("./1536") = 0 [pid 6564] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6564] setpgid(0, 0) = 0 [pid 6564] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6564] write(3, "1000", 4) = 4 [pid 6564] close(3) = 0 [pid 6564] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6564] memfd_create("syzkaller", 0) = 3 [ 172.322761][ T6563] loop0: detected capacity change from 0 to 4096 [ 172.331908][ T6563] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6564] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6564] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6564] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6564] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6564] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6564] close(3) = 0 [pid 6564] mkdir("./file0", 0777) = 0 [pid 6564] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6564] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6564] chdir("./file0") = 0 [pid 6564] ioctl(4, LOOP_CLR_FD) = 0 [pid 6564] close(4) = 0 [pid 6564] exit_group(0) = ? [pid 6564] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6564, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1536", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1536", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1536/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1536/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1536/binderfs") = 0 umount2("./1536/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1536/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1536/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1536/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1536/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1536/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1536") = 0 mkdir("./1537", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6565 ./strace-static-x86_64: Process 6565 attached [pid 6565] chdir("./1537") = 0 [pid 6565] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6565] setpgid(0, 0) = 0 [pid 6565] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6565] write(3, "1000", 4) = 4 [pid 6565] close(3) = 0 [pid 6565] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6565] memfd_create("syzkaller", 0) = 3 [pid 6565] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 172.402212][ T6564] loop0: detected capacity change from 0 to 4096 [ 172.410672][ T6564] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6565] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6565] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6565] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6565] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6565] close(3) = 0 [pid 6565] mkdir("./file0", 0777) = 0 [pid 6565] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6565] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6565] chdir("./file0") = 0 [pid 6565] ioctl(4, LOOP_CLR_FD) = 0 [pid 6565] close(4) = 0 [pid 6565] exit_group(0) = ? [pid 6565] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6565, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- umount2("./1537", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1537", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1537/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1537/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1537/binderfs") = 0 umount2("./1537/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1537/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1537/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1537/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1537/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1537/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1537") = 0 mkdir("./1538", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6566 ./strace-static-x86_64: Process 6566 attached [pid 6566] chdir("./1538") = 0 [pid 6566] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6566] setpgid(0, 0) = 0 [pid 6566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6566] write(3, "1000", 4) = 4 [ 172.481527][ T6565] loop0: detected capacity change from 0 to 4096 [ 172.491106][ T6565] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6566] close(3) = 0 [pid 6566] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6566] memfd_create("syzkaller", 0) = 3 [pid 6566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6566] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6566] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6566] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6566] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6566] close(3) = 0 [pid 6566] mkdir("./file0", 0777) = 0 [pid 6566] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6566] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6566] chdir("./file0") = 0 [pid 6566] ioctl(4, LOOP_CLR_FD) = 0 [pid 6566] close(4) = 0 [pid 6566] exit_group(0) = ? [pid 6566] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6566, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1538", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1538", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1538/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1538/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1538/binderfs") = 0 umount2("./1538/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1538/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1538/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1538/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1538/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1538/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1538") = 0 mkdir("./1539", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6567 ./strace-static-x86_64: Process 6567 attached [pid 6567] chdir("./1539") = 0 [pid 6567] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6567] setpgid(0, 0) = 0 [pid 6567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6567] write(3, "1000", 4) = 4 [pid 6567] close(3) = 0 [pid 6567] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6567] memfd_create("syzkaller", 0) = 3 [pid 6567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 172.570359][ T6566] loop0: detected capacity change from 0 to 4096 [ 172.579524][ T6566] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6567] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6567] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6567] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6567] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6567] close(3) = 0 [pid 6567] mkdir("./file0", 0777) = 0 [pid 6567] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6567] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6567] chdir("./file0") = 0 [pid 6567] ioctl(4, LOOP_CLR_FD) = 0 [pid 6567] close(4) = 0 [pid 6567] exit_group(0) = ? [pid 6567] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6567, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1539", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1539", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1539/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1539/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1539/binderfs") = 0 umount2("./1539/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1539/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1539/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1539/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1539/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1539/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1539") = 0 mkdir("./1540", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6568 ./strace-static-x86_64: Process 6568 attached [pid 6568] chdir("./1540") = 0 [ 172.653444][ T6567] loop0: detected capacity change from 0 to 4096 [ 172.662032][ T6567] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6568] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6568] setpgid(0, 0) = 0 [pid 6568] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6568] write(3, "1000", 4) = 4 [pid 6568] close(3) = 0 [pid 6568] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6568] memfd_create("syzkaller", 0) = 3 [pid 6568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6568] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6568] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6568] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6568] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6568] close(3) = 0 [pid 6568] mkdir("./file0", 0777) = 0 [pid 6568] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6568] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6568] chdir("./file0") = 0 [pid 6568] ioctl(4, LOOP_CLR_FD) = 0 [pid 6568] close(4) = 0 [pid 6568] exit_group(0) = ? [pid 6568] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6568, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1540", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1540", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1540/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1540/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1540/binderfs") = 0 umount2("./1540/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1540/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1540/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1540/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1540/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1540/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1540") = 0 mkdir("./1541", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6569 ./strace-static-x86_64: Process 6569 attached [pid 6569] chdir("./1541") = 0 [pid 6569] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6569] setpgid(0, 0) = 0 [pid 6569] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6569] write(3, "1000", 4) = 4 [ 172.740003][ T6568] loop0: detected capacity change from 0 to 4096 [ 172.748839][ T6568] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6569] close(3) = 0 [pid 6569] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6569] memfd_create("syzkaller", 0) = 3 [pid 6569] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6569] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6569] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6569] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6569] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6569] close(3) = 0 [pid 6569] mkdir("./file0", 0777) = 0 [pid 6569] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6569] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6569] chdir("./file0") = 0 [pid 6569] ioctl(4, LOOP_CLR_FD) = 0 [pid 6569] close(4) = 0 [pid 6569] exit_group(0) = ? [pid 6569] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6569, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1541", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1541", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1541/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1541/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1541/binderfs") = 0 umount2("./1541/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1541/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1541/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1541/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1541/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1541/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1541") = 0 mkdir("./1542", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6570 ./strace-static-x86_64: Process 6570 attached [pid 6570] chdir("./1542") = 0 [pid 6570] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6570] setpgid(0, 0) = 0 [pid 6570] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6570] write(3, "1000", 4) = 4 [pid 6570] close(3) = 0 [pid 6570] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6570] memfd_create("syzkaller", 0) = 3 [pid 6570] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 172.830829][ T6569] loop0: detected capacity change from 0 to 4096 [ 172.840275][ T6569] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6570] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6570] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6570] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6570] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6570] close(3) = 0 [pid 6570] mkdir("./file0", 0777) = 0 [pid 6570] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6570] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6570] chdir("./file0") = 0 [pid 6570] ioctl(4, LOOP_CLR_FD) = 0 [pid 6570] close(4) = 0 [pid 6570] exit_group(0) = ? [pid 6570] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6570, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1542", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1542", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1542/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1542/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1542/binderfs") = 0 umount2("./1542/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1542/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1542/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1542/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1542/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1542/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1542") = 0 mkdir("./1543", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 172.909322][ T6570] loop0: detected capacity change from 0 to 4096 [ 172.918128][ T6570] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6571 ./strace-static-x86_64: Process 6571 attached [pid 6571] chdir("./1543") = 0 [pid 6571] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6571] setpgid(0, 0) = 0 [pid 6571] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6571] write(3, "1000", 4) = 4 [pid 6571] close(3) = 0 [pid 6571] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6571] memfd_create("syzkaller", 0) = 3 [pid 6571] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6571] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6571] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6571] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6571] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6571] close(3) = 0 [pid 6571] mkdir("./file0", 0777) = 0 [pid 6571] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6571] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6571] chdir("./file0") = 0 [pid 6571] ioctl(4, LOOP_CLR_FD) = 0 [pid 6571] close(4) = 0 [pid 6571] exit_group(0) = ? [pid 6571] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6571, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1543", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1543", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1543/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1543/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1543/binderfs") = 0 umount2("./1543/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1543/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1543/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1543/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1543/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 [ 173.001267][ T6571] loop0: detected capacity change from 0 to 4096 [ 173.010038][ T6571] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1543/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1543") = 0 mkdir("./1544", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6572 ./strace-static-x86_64: Process 6572 attached [pid 6572] chdir("./1544") = 0 [pid 6572] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6572] setpgid(0, 0) = 0 [pid 6572] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6572] write(3, "1000", 4) = 4 [pid 6572] close(3) = 0 [pid 6572] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6572] memfd_create("syzkaller", 0) = 3 [pid 6572] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6572] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6572] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6572] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6572] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6572] close(3) = 0 [pid 6572] mkdir("./file0", 0777) = 0 [pid 6572] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6572] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6572] chdir("./file0") = 0 [pid 6572] ioctl(4, LOOP_CLR_FD) = 0 [pid 6572] close(4) = 0 [pid 6572] exit_group(0) = ? [pid 6572] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6572, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1544", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1544", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1544/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1544/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1544/binderfs") = 0 umount2("./1544/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1544/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1544/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1544/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1544/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1544/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1544") = 0 mkdir("./1545", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6573 ./strace-static-x86_64: Process 6573 attached [pid 6573] chdir("./1545") = 0 [pid 6573] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6573] setpgid(0, 0) = 0 [pid 6573] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6573] write(3, "1000", 4) = 4 [pid 6573] close(3) = 0 [pid 6573] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6573] memfd_create("syzkaller", 0) = 3 [pid 6573] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 173.098393][ T6572] loop0: detected capacity change from 0 to 4096 [ 173.107220][ T6572] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6573] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6573] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6573] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6573] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6573] close(3) = 0 [pid 6573] mkdir("./file0", 0777) = 0 [pid 6573] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6573] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6573] chdir("./file0") = 0 [pid 6573] ioctl(4, LOOP_CLR_FD) = 0 [pid 6573] close(4) = 0 [pid 6573] exit_group(0) = ? [pid 6573] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6573, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1545", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1545", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1545/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1545/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1545/binderfs") = 0 umount2("./1545/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1545/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1545/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1545/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1545/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1545/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1545") = 0 mkdir("./1546", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6574 ./strace-static-x86_64: Process 6574 attached [pid 6574] chdir("./1546") = 0 [pid 6574] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6574] setpgid(0, 0) = 0 [pid 6574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6574] write(3, "1000", 4) = 4 [pid 6574] close(3) = 0 [pid 6574] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6574] memfd_create("syzkaller", 0) = 3 [pid 6574] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 173.176751][ T6573] loop0: detected capacity change from 0 to 4096 [ 173.185665][ T6573] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6574] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6574] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6574] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6574] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6574] close(3) = 0 [pid 6574] mkdir("./file0", 0777) = 0 [pid 6574] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6574] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6574] chdir("./file0") = 0 [pid 6574] ioctl(4, LOOP_CLR_FD) = 0 [pid 6574] close(4) = 0 [pid 6574] exit_group(0) = ? [pid 6574] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6574, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1546", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1546", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1546/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1546/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1546/binderfs") = 0 umount2("./1546/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1546/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1546/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1546/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1546/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1546/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1546") = 0 mkdir("./1547", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6575 ./strace-static-x86_64: Process 6575 attached [pid 6575] chdir("./1547") = 0 [pid 6575] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6575] setpgid(0, 0) = 0 [pid 6575] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6575] write(3, "1000", 4) = 4 [pid 6575] close(3) = 0 [pid 6575] symlink("/dev/binderfs", "./binderfs") = 0 [ 173.262752][ T6574] loop0: detected capacity change from 0 to 4096 [ 173.271403][ T6574] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6575] memfd_create("syzkaller", 0) = 3 [pid 6575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6575] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6575] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6575] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6575] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6575] close(3) = 0 [pid 6575] mkdir("./file0", 0777) = 0 [pid 6575] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6575] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6575] chdir("./file0") = 0 [pid 6575] ioctl(4, LOOP_CLR_FD) = 0 [pid 6575] close(4) = 0 [pid 6575] exit_group(0) = ? [pid 6575] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6575, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1547", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1547", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1547/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1547/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1547/binderfs") = 0 umount2("./1547/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1547/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1547/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1547/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1547/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1547/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 [ 173.344100][ T6575] loop0: detected capacity change from 0 to 4096 [ 173.353148][ T6575] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 rmdir("./1547") = 0 mkdir("./1548", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6576 ./strace-static-x86_64: Process 6576 attached [pid 6576] chdir("./1548") = 0 [pid 6576] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6576] setpgid(0, 0) = 0 [pid 6576] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6576] write(3, "1000", 4) = 4 [pid 6576] close(3) = 0 [pid 6576] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6576] memfd_create("syzkaller", 0) = 3 [pid 6576] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6576] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6576] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6576] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6576] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6576] close(3) = 0 [pid 6576] mkdir("./file0", 0777) = 0 [pid 6576] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6576] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6576] chdir("./file0") = 0 [pid 6576] ioctl(4, LOOP_CLR_FD) = 0 [pid 6576] close(4) = 0 [pid 6576] exit_group(0) = ? [pid 6576] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6576, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1548", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1548", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1548/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1548/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1548/binderfs") = 0 umount2("./1548/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1548/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1548/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1548/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1548/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1548/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1548") = 0 mkdir("./1549", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6577 ./strace-static-x86_64: Process 6577 attached [pid 6577] chdir("./1549") = 0 [pid 6577] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6577] setpgid(0, 0) = 0 [pid 6577] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6577] write(3, "1000", 4) = 4 [ 173.438118][ T6576] loop0: detected capacity change from 0 to 4096 [ 173.446736][ T6576] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6577] close(3) = 0 [pid 6577] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6577] memfd_create("syzkaller", 0) = 3 [pid 6577] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6577] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6577] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6577] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6577] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6577] close(3) = 0 [pid 6577] mkdir("./file0", 0777) = 0 [pid 6577] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6577] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6577] chdir("./file0") = 0 [pid 6577] ioctl(4, LOOP_CLR_FD) = 0 [pid 6577] close(4) = 0 [pid 6577] exit_group(0) = ? [pid 6577] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6577, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1549", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1549", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1549/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1549/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1549/binderfs") = 0 umount2("./1549/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1549/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1549/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1549/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1549/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1549/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1549") = 0 mkdir("./1550", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6578 ./strace-static-x86_64: Process 6578 attached [pid 6578] chdir("./1550") = 0 [pid 6578] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6578] setpgid(0, 0) = 0 [pid 6578] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6578] write(3, "1000", 4) = 4 [pid 6578] close(3) = 0 [pid 6578] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6578] memfd_create("syzkaller", 0) = 3 [pid 6578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 173.525725][ T6577] loop0: detected capacity change from 0 to 4096 [ 173.535750][ T6577] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6578] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6578] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6578] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6578] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6578] close(3) = 0 [pid 6578] mkdir("./file0", 0777) = 0 [pid 6578] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6578] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6578] chdir("./file0") = 0 [pid 6578] ioctl(4, LOOP_CLR_FD) = 0 [pid 6578] close(4) = 0 [pid 6578] exit_group(0) = ? [pid 6578] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6578, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1550", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1550", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1550/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1550/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1550/binderfs") = 0 umount2("./1550/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1550/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1550/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1550/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1550/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1550/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1550") = 0 mkdir("./1551", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6579 ./strace-static-x86_64: Process 6579 attached [pid 6579] chdir("./1551") = 0 [pid 6579] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6579] setpgid(0, 0) = 0 [pid 6579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6579] write(3, "1000", 4) = 4 [pid 6579] close(3) = 0 [pid 6579] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6579] memfd_create("syzkaller", 0) = 3 [pid 6579] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 173.608746][ T6578] loop0: detected capacity change from 0 to 4096 [ 173.618000][ T6578] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6579] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6579] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6579] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6579] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6579] close(3) = 0 [pid 6579] mkdir("./file0", 0777) = 0 [pid 6579] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6579] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6579] chdir("./file0") = 0 [pid 6579] ioctl(4, LOOP_CLR_FD) = 0 [pid 6579] close(4) = 0 [pid 6579] exit_group(0) = ? [pid 6579] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6579, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1551", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1551", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1551/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1551/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1551/binderfs") = 0 umount2("./1551/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1551/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1551/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1551/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1551/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1551/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1551") = 0 mkdir("./1552", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6580 ./strace-static-x86_64: Process 6580 attached [pid 6580] chdir("./1552") = 0 [pid 6580] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6580] setpgid(0, 0) = 0 [pid 6580] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6580] write(3, "1000", 4) = 4 [pid 6580] close(3) = 0 [pid 6580] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6580] memfd_create("syzkaller", 0) = 3 [pid 6580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 173.688439][ T6579] loop0: detected capacity change from 0 to 4096 [ 173.697109][ T6579] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6580] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6580] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6580] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6580] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6580] close(3) = 0 [pid 6580] mkdir("./file0", 0777) = 0 [pid 6580] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6580] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6580] chdir("./file0") = 0 [pid 6580] ioctl(4, LOOP_CLR_FD) = 0 [pid 6580] close(4) = 0 [pid 6580] exit_group(0) = ? [pid 6580] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6580, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1552", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1552", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1552/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1552/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1552/binderfs") = 0 umount2("./1552/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1552/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1552/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1552/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1552/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1552/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1552") = 0 mkdir("./1553", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6581 ./strace-static-x86_64: Process 6581 attached [pid 6581] chdir("./1553") = 0 [pid 6581] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6581] setpgid(0, 0) = 0 [pid 6581] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6581] write(3, "1000", 4) = 4 [pid 6581] close(3) = 0 [pid 6581] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6581] memfd_create("syzkaller", 0) = 3 [pid 6581] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 173.768240][ T6580] loop0: detected capacity change from 0 to 4096 [ 173.777350][ T6580] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6581] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6581] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6581] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6581] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6581] close(3) = 0 [pid 6581] mkdir("./file0", 0777) = 0 [pid 6581] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6581] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6581] chdir("./file0") = 0 [pid 6581] ioctl(4, LOOP_CLR_FD) = 0 [pid 6581] close(4) = 0 [pid 6581] exit_group(0) = ? [pid 6581] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6581, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1553", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1553", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1553/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1553/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1553/binderfs") = 0 umount2("./1553/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1553/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1553/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1553/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1553/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1553/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1553") = 0 mkdir("./1554", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6582 ./strace-static-x86_64: Process 6582 attached [pid 6582] chdir("./1554") = 0 [pid 6582] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6582] setpgid(0, 0) = 0 [pid 6582] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6582] write(3, "1000", 4) = 4 [pid 6582] close(3) = 0 [pid 6582] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6582] memfd_create("syzkaller", 0) = 3 [pid 6582] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 173.850520][ T6581] loop0: detected capacity change from 0 to 4096 [ 173.860051][ T6581] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6582] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6582] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6582] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6582] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6582] close(3) = 0 [pid 6582] mkdir("./file0", 0777) = 0 [pid 6582] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6582] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6582] chdir("./file0") = 0 [pid 6582] ioctl(4, LOOP_CLR_FD) = 0 [pid 6582] close(4) = 0 [pid 6582] exit_group(0) = ? [pid 6582] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6582, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1554", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1554", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1554/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1554/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1554/binderfs") = 0 umount2("./1554/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1554/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1554/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1554/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1554/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1554/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1554") = 0 mkdir("./1555", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6583 ./strace-static-x86_64: Process 6583 attached [pid 6583] chdir("./1555") = 0 [ 173.931671][ T6582] loop0: detected capacity change from 0 to 4096 [ 173.941613][ T6582] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6583] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6583] setpgid(0, 0) = 0 [pid 6583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6583] write(3, "1000", 4) = 4 [pid 6583] close(3) = 0 [pid 6583] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6583] memfd_create("syzkaller", 0) = 3 [pid 6583] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6583] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6583] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6583] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6583] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6583] close(3) = 0 [pid 6583] mkdir("./file0", 0777) = 0 [pid 6583] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6583] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6583] chdir("./file0") = 0 [pid 6583] ioctl(4, LOOP_CLR_FD) = 0 [pid 6583] close(4) = 0 [pid 6583] exit_group(0) = ? [pid 6583] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6583, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1555", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1555", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1555/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1555/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1555/binderfs") = 0 umount2("./1555/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1555/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1555/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1555/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1555/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1555/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 [ 174.022942][ T6583] loop0: detected capacity change from 0 to 4096 [ 174.031722][ T6583] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). rmdir("./1555") = 0 mkdir("./1556", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6584 attached , child_tidptr=0x5555568435d0) = 6584 [pid 6584] chdir("./1556") = 0 [pid 6584] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6584] setpgid(0, 0) = 0 [pid 6584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6584] write(3, "1000", 4) = 4 [pid 6584] close(3) = 0 [pid 6584] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6584] memfd_create("syzkaller", 0) = 3 [pid 6584] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6584] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6584] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6584] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6584] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6584] close(3) = 0 [pid 6584] mkdir("./file0", 0777) = 0 [pid 6584] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6584] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6584] chdir("./file0") = 0 [pid 6584] ioctl(4, LOOP_CLR_FD) = 0 [pid 6584] close(4) = 0 [pid 6584] exit_group(0) = ? [pid 6584] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6584, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1556", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1556", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1556/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1556/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1556/binderfs") = 0 umount2("./1556/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1556/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1556/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1556/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1556/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1556/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1556") = 0 mkdir("./1557", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6585 ./strace-static-x86_64: Process 6585 attached [pid 6585] chdir("./1557") = 0 [pid 6585] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6585] setpgid(0, 0) = 0 [pid 6585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6585] write(3, "1000", 4) = 4 [ 174.122814][ T6584] loop0: detected capacity change from 0 to 4096 [ 174.132226][ T6584] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6585] close(3) = 0 [pid 6585] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6585] memfd_create("syzkaller", 0) = 3 [pid 6585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6585] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6585] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6585] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6585] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6585] close(3) = 0 [pid 6585] mkdir("./file0", 0777) = 0 [pid 6585] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6585] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6585] chdir("./file0") = 0 [pid 6585] ioctl(4, LOOP_CLR_FD) = 0 [pid 6585] close(4) = 0 [pid 6585] exit_group(0) = ? [pid 6585] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6585, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1557", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1557", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1557/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1557/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1557/binderfs") = 0 umount2("./1557/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1557/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1557/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1557/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1557/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1557/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1557") = 0 mkdir("./1558", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6586 ./strace-static-x86_64: Process 6586 attached [pid 6586] chdir("./1558") = 0 [pid 6586] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6586] setpgid(0, 0) = 0 [pid 6586] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6586] write(3, "1000", 4) = 4 [pid 6586] close(3) = 0 [pid 6586] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6586] memfd_create("syzkaller", 0) = 3 [pid 6586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 174.205739][ T6585] loop0: detected capacity change from 0 to 4096 [ 174.215082][ T6585] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6586] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6586] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6586] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6586] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6586] close(3) = 0 [pid 6586] mkdir("./file0", 0777) = 0 [pid 6586] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6586] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6586] chdir("./file0") = 0 [pid 6586] ioctl(4, LOOP_CLR_FD) = 0 [pid 6586] close(4) = 0 [pid 6586] exit_group(0) = ? [pid 6586] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6586, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1558", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1558", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1558/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1558/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1558/binderfs") = 0 umount2("./1558/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1558/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1558/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1558/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1558/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1558/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1558") = 0 mkdir("./1559", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6587 attached , child_tidptr=0x5555568435d0) = 6587 [pid 6587] chdir("./1559") = 0 [pid 6587] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6587] setpgid(0, 0) = 0 [ 174.280799][ T6586] loop0: detected capacity change from 0 to 4096 [ 174.290018][ T6586] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6587] write(3, "1000", 4) = 4 [pid 6587] close(3) = 0 [pid 6587] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6587] memfd_create("syzkaller", 0) = 3 [pid 6587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6587] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6587] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6587] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6587] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6587] close(3) = 0 [pid 6587] mkdir("./file0", 0777) = 0 [pid 6587] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6587] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6587] chdir("./file0") = 0 [pid 6587] ioctl(4, LOOP_CLR_FD) = 0 [pid 6587] close(4) = 0 [pid 6587] exit_group(0) = ? [pid 6587] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6587, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1559", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1559", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1559/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1559/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1559/binderfs") = 0 umount2("./1559/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1559/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1559/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1559/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1559/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1559/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1559") = 0 mkdir("./1560", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6588 ./strace-static-x86_64: Process 6588 attached [pid 6588] chdir("./1560") = 0 [pid 6588] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6588] setpgid(0, 0) = 0 [ 174.370446][ T6587] loop0: detected capacity change from 0 to 4096 [ 174.379216][ T6587] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6588] write(3, "1000", 4) = 4 [pid 6588] close(3) = 0 [pid 6588] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6588] memfd_create("syzkaller", 0) = 3 [pid 6588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6588] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6588] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6588] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6588] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6588] close(3) = 0 [pid 6588] mkdir("./file0", 0777) = 0 [pid 6588] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6588] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6588] chdir("./file0") = 0 [pid 6588] ioctl(4, LOOP_CLR_FD) = 0 [pid 6588] close(4) = 0 [pid 6588] exit_group(0) = ? [pid 6588] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6588, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1560", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1560", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1560/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1560/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1560/binderfs") = 0 umount2("./1560/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1560/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1560/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1560/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1560/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1560/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1560") = 0 mkdir("./1561", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6589 ./strace-static-x86_64: Process 6589 attached [pid 6589] chdir("./1561") = 0 [pid 6589] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6589] setpgid(0, 0) = 0 [pid 6589] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6589] write(3, "1000", 4) = 4 [pid 6589] close(3) = 0 [pid 6589] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6589] memfd_create("syzkaller", 0) = 3 [pid 6589] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 174.455460][ T6588] loop0: detected capacity change from 0 to 4096 [ 174.464015][ T6588] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6589] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6589] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6589] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6589] close(3) = 0 [pid 6589] mkdir("./file0", 0777) = 0 [pid 6589] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6589] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6589] chdir("./file0") = 0 [pid 6589] ioctl(4, LOOP_CLR_FD) = 0 [pid 6589] close(4) = 0 [pid 6589] exit_group(0) = ? [pid 6589] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6589, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1561", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1561", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1561/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1561/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1561/binderfs") = 0 umount2("./1561/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1561/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1561/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1561/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1561/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1561/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1561") = 0 mkdir("./1562", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6590 ./strace-static-x86_64: Process 6590 attached [pid 6590] chdir("./1562") = 0 [pid 6590] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6590] setpgid(0, 0) = 0 [ 174.537052][ T6589] loop0: detected capacity change from 0 to 4096 [ 174.545378][ T6589] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6590] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6590] write(3, "1000", 4) = 4 [pid 6590] close(3) = 0 [pid 6590] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6590] memfd_create("syzkaller", 0) = 3 [pid 6590] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6590] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6590] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6590] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6590] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6590] close(3) = 0 [pid 6590] mkdir("./file0", 0777) = 0 [pid 6590] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6590] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6590] chdir("./file0") = 0 [pid 6590] ioctl(4, LOOP_CLR_FD) = 0 [pid 6590] close(4) = 0 [pid 6590] exit_group(0) = ? [pid 6590] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6590, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1562", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1562", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1562/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1562/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1562/binderfs") = 0 umount2("./1562/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1562/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1562/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1562/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1562/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1562/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1562") = 0 mkdir("./1563", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 174.622111][ T6590] loop0: detected capacity change from 0 to 4096 [ 174.630772][ T6590] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6591 ./strace-static-x86_64: Process 6591 attached [pid 6591] chdir("./1563") = 0 [pid 6591] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6591] setpgid(0, 0) = 0 [pid 6591] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6591] write(3, "1000", 4) = 4 [pid 6591] close(3) = 0 [pid 6591] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6591] memfd_create("syzkaller", 0) = 3 [pid 6591] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6591] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6591] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6591] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6591] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6591] close(3) = 0 [pid 6591] mkdir("./file0", 0777) = 0 [pid 6591] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6591] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6591] chdir("./file0") = 0 [pid 6591] ioctl(4, LOOP_CLR_FD) = 0 [pid 6591] close(4) = 0 [pid 6591] exit_group(0) = ? [pid 6591] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6591, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1563", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1563", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1563/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1563/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1563/binderfs") = 0 umount2("./1563/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1563/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1563/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1563/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1563/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1563/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1563") = 0 mkdir("./1564", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6592 attached , child_tidptr=0x5555568435d0) = 6592 [pid 6592] chdir("./1564") = 0 [pid 6592] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6592] setpgid(0, 0) = 0 [pid 6592] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6592] write(3, "1000", 4) = 4 [pid 6592] close(3) = 0 [pid 6592] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6592] memfd_create("syzkaller", 0) = 3 [pid 6592] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 174.718690][ T6591] loop0: detected capacity change from 0 to 4096 [ 174.727988][ T6591] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6592] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6592] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6592] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6592] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6592] close(3) = 0 [pid 6592] mkdir("./file0", 0777) = 0 [pid 6592] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6592] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6592] chdir("./file0") = 0 [pid 6592] ioctl(4, LOOP_CLR_FD) = 0 [pid 6592] close(4) = 0 [pid 6592] exit_group(0) = ? [pid 6592] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6592, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1564", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1564", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1564/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1564/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1564/binderfs") = 0 umount2("./1564/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1564/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1564/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1564/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1564/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1564/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1564") = 0 mkdir("./1565", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6593 ./strace-static-x86_64: Process 6593 attached [pid 6593] chdir("./1565") = 0 [pid 6593] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6593] setpgid(0, 0) = 0 [pid 6593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6593] write(3, "1000", 4) = 4 [pid 6593] close(3) = 0 [pid 6593] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6593] memfd_create("syzkaller", 0) = 3 [pid 6593] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 174.800613][ T6592] loop0: detected capacity change from 0 to 4096 [ 174.809661][ T6592] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6593] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6593] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6593] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6593] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6593] close(3) = 0 [pid 6593] mkdir("./file0", 0777) = 0 [pid 6593] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6593] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6593] chdir("./file0") = 0 [pid 6593] ioctl(4, LOOP_CLR_FD) = 0 [pid 6593] close(4) = 0 [pid 6593] exit_group(0) = ? [pid 6593] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6593, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1565", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1565", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1565/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1565/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1565/binderfs") = 0 umount2("./1565/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1565/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1565/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1565/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1565/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1565/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1565") = 0 mkdir("./1566", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6594 ./strace-static-x86_64: Process 6594 attached [pid 6594] chdir("./1566") = 0 [pid 6594] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6594] setpgid(0, 0) = 0 [pid 6594] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6594] write(3, "1000", 4) = 4 [pid 6594] close(3) = 0 [pid 6594] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6594] memfd_create("syzkaller", 0) = 3 [pid 6594] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 174.884959][ T6593] loop0: detected capacity change from 0 to 4096 [ 174.894181][ T6593] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6594] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6594] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6594] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6594] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6594] close(3) = 0 [pid 6594] mkdir("./file0", 0777) = 0 [pid 6594] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6594] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6594] chdir("./file0") = 0 [pid 6594] ioctl(4, LOOP_CLR_FD) = 0 [pid 6594] close(4) = 0 [pid 6594] exit_group(0) = ? [pid 6594] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6594, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1566", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1566", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1566/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1566/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1566/binderfs") = 0 umount2("./1566/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1566/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1566/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1566/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1566/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1566/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1566") = 0 mkdir("./1567", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6595 ./strace-static-x86_64: Process 6595 attached [pid 6595] chdir("./1567") = 0 [pid 6595] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6595] setpgid(0, 0) = 0 [pid 6595] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 174.967666][ T6594] loop0: detected capacity change from 0 to 4096 [ 174.976487][ T6594] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6595] write(3, "1000", 4) = 4 [pid 6595] close(3) = 0 [pid 6595] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6595] memfd_create("syzkaller", 0) = 3 [pid 6595] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6595] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6595] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6595] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6595] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6595] close(3) = 0 [pid 6595] mkdir("./file0", 0777) = 0 [pid 6595] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6595] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6595] chdir("./file0") = 0 [pid 6595] ioctl(4, LOOP_CLR_FD) = 0 [pid 6595] close(4) = 0 [pid 6595] exit_group(0) = ? [pid 6595] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6595, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1567", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1567", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1567/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1567/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1567/binderfs") = 0 umount2("./1567/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1567/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1567/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1567/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1567/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1567/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1567") = 0 mkdir("./1568", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6596 ./strace-static-x86_64: Process 6596 attached [pid 6596] chdir("./1568") = 0 [pid 6596] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6596] setpgid(0, 0) = 0 [pid 6596] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6596] write(3, "1000", 4) = 4 [pid 6596] close(3) = 0 [pid 6596] symlink("/dev/binderfs", "./binderfs") = 0 [ 175.057753][ T6595] loop0: detected capacity change from 0 to 4096 [ 175.066187][ T6595] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6596] memfd_create("syzkaller", 0) = 3 [pid 6596] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6596] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6596] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6596] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6596] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6596] close(3) = 0 [pid 6596] mkdir("./file0", 0777) = 0 [pid 6596] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6596] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6596] chdir("./file0") = 0 [pid 6596] ioctl(4, LOOP_CLR_FD) = 0 [pid 6596] close(4) = 0 [pid 6596] exit_group(0) = ? [pid 6596] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6596, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1568", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1568", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1568/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1568/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1568/binderfs") = 0 umount2("./1568/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1568/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1568/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1568/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1568/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1568/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1568") = 0 mkdir("./1569", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6597 attached , child_tidptr=0x5555568435d0) = 6597 [pid 6597] chdir("./1569") = 0 [pid 6597] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6597] setpgid(0, 0) = 0 [pid 6597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6597] write(3, "1000", 4) = 4 [pid 6597] close(3) = 0 [pid 6597] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6597] memfd_create("syzkaller", 0) = 3 [pid 6597] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 175.142475][ T6596] loop0: detected capacity change from 0 to 4096 [ 175.151144][ T6596] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6597] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6597] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6597] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6597] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6597] close(3) = 0 [pid 6597] mkdir("./file0", 0777) = 0 [pid 6597] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6597] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6597] chdir("./file0") = 0 [pid 6597] ioctl(4, LOOP_CLR_FD) = 0 [pid 6597] close(4) = 0 [pid 6597] exit_group(0) = ? [pid 6597] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6597, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1569", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1569", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1569/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1569/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1569/binderfs") = 0 umount2("./1569/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1569/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1569/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1569/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1569/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1569/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1569") = 0 mkdir("./1570", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6598 ./strace-static-x86_64: Process 6598 attached [pid 6598] chdir("./1570") = 0 [pid 6598] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6598] setpgid(0, 0) = 0 [pid 6598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6598] write(3, "1000", 4) = 4 [pid 6598] close(3) = 0 [pid 6598] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6598] memfd_create("syzkaller", 0) = 3 [pid 6598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 175.223966][ T6597] loop0: detected capacity change from 0 to 4096 [ 175.233409][ T6597] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6598] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6598] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6598] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6598] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6598] close(3) = 0 [pid 6598] mkdir("./file0", 0777) = 0 [pid 6598] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6598] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6598] chdir("./file0") = 0 [pid 6598] ioctl(4, LOOP_CLR_FD) = 0 [pid 6598] close(4) = 0 [pid 6598] exit_group(0) = ? [pid 6598] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6598, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1570", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1570", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1570/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1570/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1570/binderfs") = 0 umount2("./1570/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1570/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1570/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1570/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1570/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1570/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1570") = 0 mkdir("./1571", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6599 ./strace-static-x86_64: Process 6599 attached [pid 6599] chdir("./1571") = 0 [pid 6599] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6599] setpgid(0, 0) = 0 [ 175.297811][ T6598] loop0: detected capacity change from 0 to 4096 [ 175.307201][ T6598] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6599] write(3, "1000", 4) = 4 [pid 6599] close(3) = 0 [pid 6599] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6599] memfd_create("syzkaller", 0) = 3 [pid 6599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6599] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6599] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6599] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6599] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6599] close(3) = 0 [pid 6599] mkdir("./file0", 0777) = 0 [pid 6599] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6599] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6599] chdir("./file0") = 0 [pid 6599] ioctl(4, LOOP_CLR_FD) = 0 [pid 6599] close(4) = 0 [pid 6599] exit_group(0) = ? [pid 6599] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6599, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1571", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1571", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1571/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1571/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1571/binderfs") = 0 umount2("./1571/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1571/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1571/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1571/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1571/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1571/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1571") = 0 mkdir("./1572", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6600 ./strace-static-x86_64: Process 6600 attached [pid 6600] chdir("./1572") = 0 [pid 6600] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6600] setpgid(0, 0) = 0 [pid 6600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6600] write(3, "1000", 4) = 4 [pid 6600] close(3) = 0 [pid 6600] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6600] memfd_create("syzkaller", 0) = 3 [pid 6600] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 175.385596][ T6599] loop0: detected capacity change from 0 to 4096 [ 175.394597][ T6599] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6600] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6600] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6600] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6600] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6600] close(3) = 0 [pid 6600] mkdir("./file0", 0777) = 0 [pid 6600] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6600] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6600] chdir("./file0") = 0 [pid 6600] ioctl(4, LOOP_CLR_FD) = 0 [pid 6600] close(4) = 0 [pid 6600] exit_group(0) = ? [pid 6600] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6600, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1572", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1572", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1572/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1572/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1572/binderfs") = 0 umount2("./1572/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1572/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1572/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1572/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1572/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1572/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1572") = 0 mkdir("./1573", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6601 ./strace-static-x86_64: Process 6601 attached [pid 6601] chdir("./1573") = 0 [pid 6601] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6601] setpgid(0, 0) = 0 [pid 6601] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6601] write(3, "1000", 4) = 4 [pid 6601] close(3) = 0 [pid 6601] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6601] memfd_create("syzkaller", 0) = 3 [pid 6601] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 175.461208][ T6600] loop0: detected capacity change from 0 to 4096 [ 175.470595][ T6600] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6601] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6601] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6601] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6601] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6601] close(3) = 0 [pid 6601] mkdir("./file0", 0777) = 0 [pid 6601] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6601] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6601] chdir("./file0") = 0 [pid 6601] ioctl(4, LOOP_CLR_FD) = 0 [pid 6601] close(4) = 0 [pid 6601] exit_group(0) = ? [pid 6601] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6601, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- umount2("./1573", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1573", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1573/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1573/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1573/binderfs") = 0 umount2("./1573/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1573/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1573/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1573/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1573/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1573/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1573") = 0 mkdir("./1574", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6602 ./strace-static-x86_64: Process 6602 attached [ 175.539042][ T6601] loop0: detected capacity change from 0 to 4096 [ 175.547774][ T6601] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6602] chdir("./1574") = 0 [pid 6602] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6602] setpgid(0, 0) = 0 [pid 6602] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6602] write(3, "1000", 4) = 4 [pid 6602] close(3) = 0 [pid 6602] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6602] memfd_create("syzkaller", 0) = 3 [pid 6602] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6602] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6602] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6602] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6602] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6602] close(3) = 0 [pid 6602] mkdir("./file0", 0777) = 0 [pid 6602] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6602] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6602] chdir("./file0") = 0 [pid 6602] ioctl(4, LOOP_CLR_FD) = 0 [pid 6602] close(4) = 0 [pid 6602] exit_group(0) = ? [pid 6602] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6602, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1574", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1574", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1574/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1574/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1574/binderfs") = 0 umount2("./1574/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1574/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1574/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1574/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1574/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1574/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1574") = 0 mkdir("./1575", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6603 ./strace-static-x86_64: Process 6603 attached [pid 6603] chdir("./1575") = 0 [ 175.630312][ T6602] loop0: detected capacity change from 0 to 4096 [ 175.638999][ T6602] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6603] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6603] setpgid(0, 0) = 0 [pid 6603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6603] write(3, "1000", 4) = 4 [pid 6603] close(3) = 0 [pid 6603] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6603] memfd_create("syzkaller", 0) = 3 [pid 6603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6603] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6603] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6603] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6603] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6603] close(3) = 0 [pid 6603] mkdir("./file0", 0777) = 0 [pid 6603] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6603] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6603] chdir("./file0") = 0 [pid 6603] ioctl(4, LOOP_CLR_FD) = 0 [pid 6603] close(4) = 0 [pid 6603] exit_group(0) = ? [pid 6603] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6603, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./1575", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1575", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1575/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1575/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1575/binderfs") = 0 [ 175.717301][ T6603] loop0: detected capacity change from 0 to 4096 [ 175.725549][ T6603] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). umount2("./1575/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1575/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1575/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1575/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1575/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1575/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1575") = 0 mkdir("./1576", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6604 ./strace-static-x86_64: Process 6604 attached [pid 6604] chdir("./1576") = 0 [pid 6604] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6604] setpgid(0, 0) = 0 [pid 6604] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6604] write(3, "1000", 4) = 4 [pid 6604] close(3) = 0 [pid 6604] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6604] memfd_create("syzkaller", 0) = 3 [pid 6604] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6604] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6604] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6604] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6604] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6604] close(3) = 0 [pid 6604] mkdir("./file0", 0777) = 0 [pid 6604] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6604] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6604] chdir("./file0") = 0 [pid 6604] ioctl(4, LOOP_CLR_FD) = 0 [pid 6604] close(4) = 0 [pid 6604] exit_group(0) = ? [pid 6604] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6604, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1576", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1576", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1576/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1576/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1576/binderfs") = 0 umount2("./1576/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1576/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1576/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1576/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1576/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1576/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1576") = 0 mkdir("./1577", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6605 attached , child_tidptr=0x5555568435d0) = 6605 [pid 6605] chdir("./1577") = 0 [pid 6605] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6605] setpgid(0, 0) = 0 [pid 6605] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6605] write(3, "1000", 4) = 4 [pid 6605] close(3) = 0 [pid 6605] symlink("/dev/binderfs", "./binderfs") = 0 [ 175.815681][ T6604] loop0: detected capacity change from 0 to 4096 [ 175.824247][ T6604] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6605] memfd_create("syzkaller", 0) = 3 [pid 6605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6605] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6605] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6605] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6605] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6605] close(3) = 0 [pid 6605] mkdir("./file0", 0777) = 0 [pid 6605] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6605] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6605] chdir("./file0") = 0 [pid 6605] ioctl(4, LOOP_CLR_FD) = 0 [pid 6605] close(4) = 0 [pid 6605] exit_group(0) = ? [pid 6605] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6605, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1577", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1577", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1577/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1577/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1577/binderfs") = 0 umount2("./1577/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1577/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1577/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1577/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1577/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1577/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1577") = 0 mkdir("./1578", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 175.898795][ T6605] loop0: detected capacity change from 0 to 4096 [ 175.907695][ T6605] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6606 ./strace-static-x86_64: Process 6606 attached [pid 6606] chdir("./1578") = 0 [pid 6606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6606] setpgid(0, 0) = 0 [pid 6606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6606] write(3, "1000", 4) = 4 [pid 6606] close(3) = 0 [pid 6606] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6606] memfd_create("syzkaller", 0) = 3 [pid 6606] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6606] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6606] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6606] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6606] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6606] close(3) = 0 [pid 6606] mkdir("./file0", 0777) = 0 [pid 6606] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6606] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6606] chdir("./file0") = 0 [pid 6606] ioctl(4, LOOP_CLR_FD) = 0 [pid 6606] close(4) = 0 [pid 6606] exit_group(0) = ? [pid 6606] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6606, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1578", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1578", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1578/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1578/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1578/binderfs") = 0 umount2("./1578/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1578/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1578/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1578/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1578/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1578/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1578") = 0 mkdir("./1579", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6607 ./strace-static-x86_64: Process 6607 attached [pid 6607] chdir("./1579") = 0 [pid 6607] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6607] setpgid(0, 0) = 0 [pid 6607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6607] write(3, "1000", 4) = 4 [pid 6607] close(3) = 0 [pid 6607] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6607] memfd_create("syzkaller", 0) = 3 [pid 6607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 175.987056][ T6606] loop0: detected capacity change from 0 to 4096 [ 175.995269][ T6606] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6607] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6607] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6607] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6607] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6607] close(3) = 0 [pid 6607] mkdir("./file0", 0777) = 0 [pid 6607] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6607] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6607] chdir("./file0") = 0 [pid 6607] ioctl(4, LOOP_CLR_FD) = 0 [pid 6607] close(4) = 0 [pid 6607] exit_group(0) = ? [pid 6607] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6607, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1579", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1579", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1579/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1579/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1579/binderfs") = 0 umount2("./1579/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1579/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1579/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1579/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1579/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1579/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1579") = 0 mkdir("./1580", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6608 ./strace-static-x86_64: Process 6608 attached [pid 6608] chdir("./1580") = 0 [pid 6608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6608] setpgid(0, 0) = 0 [pid 6608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6608] write(3, "1000", 4) = 4 [pid 6608] close(3) = 0 [pid 6608] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6608] memfd_create("syzkaller", 0) = 3 [pid 6608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.064367][ T6607] loop0: detected capacity change from 0 to 4096 [ 176.072865][ T6607] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6608] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6608] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6608] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6608] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6608] close(3) = 0 [pid 6608] mkdir("./file0", 0777) = 0 [pid 6608] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6608] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6608] chdir("./file0") = 0 [pid 6608] ioctl(4, LOOP_CLR_FD) = 0 [pid 6608] close(4) = 0 [pid 6608] exit_group(0) = ? [pid 6608] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6608, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1580", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1580", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1580/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1580/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1580/binderfs") = 0 umount2("./1580/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1580/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1580/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1580/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1580/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1580/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1580") = 0 mkdir("./1581", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6609 ./strace-static-x86_64: Process 6609 attached [pid 6609] chdir("./1581") = 0 [pid 6609] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6609] setpgid(0, 0) = 0 [pid 6609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6609] write(3, "1000", 4) = 4 [pid 6609] close(3) = 0 [pid 6609] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6609] memfd_create("syzkaller", 0) = 3 [pid 6609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.147002][ T6608] loop0: detected capacity change from 0 to 4096 [ 176.155408][ T6608] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6609] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6609] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6609] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6609] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6609] close(3) = 0 [pid 6609] mkdir("./file0", 0777) = 0 [pid 6609] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6609] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6609] chdir("./file0") = 0 [pid 6609] ioctl(4, LOOP_CLR_FD) = 0 [pid 6609] close(4) = 0 [pid 6609] exit_group(0) = ? [pid 6609] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6609, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1581", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1581", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1581/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1581/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1581/binderfs") = 0 umount2("./1581/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1581/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1581/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1581/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1581/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1581/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1581") = 0 mkdir("./1582", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6610 ./strace-static-x86_64: Process 6610 attached [pid 6610] chdir("./1582") = 0 [ 176.230596][ T6609] loop0: detected capacity change from 0 to 4096 [ 176.239788][ T6609] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6610] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6610] setpgid(0, 0) = 0 [pid 6610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6610] write(3, "1000", 4) = 4 [pid 6610] close(3) = 0 [pid 6610] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6610] memfd_create("syzkaller", 0) = 3 [pid 6610] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6610] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6610] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6610] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6610] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6610] close(3) = 0 [pid 6610] mkdir("./file0", 0777) = 0 [pid 6610] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6610] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6610] chdir("./file0") = 0 [pid 6610] ioctl(4, LOOP_CLR_FD) = 0 [pid 6610] close(4) = 0 [pid 6610] exit_group(0) = ? [pid 6610] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6610, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1582", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1582", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1582/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1582/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1582/binderfs") = 0 umount2("./1582/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1582/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1582/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1582/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1582/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1582/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1582") = 0 mkdir("./1583", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6611 ./strace-static-x86_64: Process 6611 attached [pid 6611] chdir("./1583") = 0 [pid 6611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6611] setpgid(0, 0) = 0 [pid 6611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6611] write(3, "1000", 4) = 4 [pid 6611] close(3) = 0 [pid 6611] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6611] memfd_create("syzkaller", 0) = 3 [pid 6611] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.319885][ T6610] loop0: detected capacity change from 0 to 4096 [ 176.328749][ T6610] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6611] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6611] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6611] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6611] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6611] close(3) = 0 [pid 6611] mkdir("./file0", 0777) = 0 [pid 6611] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6611] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6611] chdir("./file0") = 0 [pid 6611] ioctl(4, LOOP_CLR_FD) = 0 [pid 6611] close(4) = 0 [pid 6611] exit_group(0) = ? [pid 6611] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6611, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1583", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1583", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1583/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1583/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1583/binderfs") = 0 umount2("./1583/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1583/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1583/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1583/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1583/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1583/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1583") = 0 mkdir("./1584", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6612 ./strace-static-x86_64: Process 6612 attached [pid 6612] chdir("./1584") = 0 [pid 6612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6612] setpgid(0, 0) = 0 [pid 6612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6612] write(3, "1000", 4) = 4 [pid 6612] close(3) = 0 [pid 6612] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6612] memfd_create("syzkaller", 0) = 3 [pid 6612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.398355][ T6611] loop0: detected capacity change from 0 to 4096 [ 176.407218][ T6611] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6612] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6612] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6612] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6612] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6612] close(3) = 0 [pid 6612] mkdir("./file0", 0777) = 0 [pid 6612] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6612] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6612] chdir("./file0") = 0 [pid 6612] ioctl(4, LOOP_CLR_FD) = 0 [pid 6612] close(4) = 0 [pid 6612] exit_group(0) = ? [pid 6612] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6612, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1584", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1584", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1584/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1584/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1584/binderfs") = 0 umount2("./1584/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1584/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1584/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1584/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1584/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1584/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1584") = 0 mkdir("./1585", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6613 ./strace-static-x86_64: Process 6613 attached [pid 6613] chdir("./1585") = 0 [pid 6613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6613] setpgid(0, 0) = 0 [pid 6613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6613] write(3, "1000", 4) = 4 [pid 6613] close(3) = 0 [pid 6613] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6613] memfd_create("syzkaller", 0) = 3 [pid 6613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.478843][ T6612] loop0: detected capacity change from 0 to 4096 [ 176.487756][ T6612] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6613] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6613] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6613] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6613] close(3) = 0 [pid 6613] mkdir("./file0", 0777) = 0 [pid 6613] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6613] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6613] chdir("./file0") = 0 [pid 6613] ioctl(4, LOOP_CLR_FD) = 0 [pid 6613] close(4) = 0 [pid 6613] exit_group(0) = ? [pid 6613] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6613, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1585", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1585", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1585/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1585/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1585/binderfs") = 0 umount2("./1585/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1585/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1585/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1585/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1585/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1585/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1585") = 0 mkdir("./1586", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6614 ./strace-static-x86_64: Process 6614 attached [pid 6614] chdir("./1586") = 0 [pid 6614] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6614] setpgid(0, 0) = 0 [pid 6614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6614] write(3, "1000", 4) = 4 [pid 6614] close(3) = 0 [pid 6614] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6614] memfd_create("syzkaller", 0) = 3 [pid 6614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.555994][ T6613] loop0: detected capacity change from 0 to 4096 [ 176.564998][ T6613] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6614] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6614] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6614] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6614] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6614] close(3) = 0 [pid 6614] mkdir("./file0", 0777) = 0 [pid 6614] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6614] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6614] chdir("./file0") = 0 [pid 6614] ioctl(4, LOOP_CLR_FD) = 0 [pid 6614] close(4) = 0 [pid 6614] exit_group(0) = ? [pid 6614] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6614, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1586", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1586", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1586/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1586/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1586/binderfs") = 0 umount2("./1586/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1586/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1586/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1586/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1586/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1586/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1586") = 0 mkdir("./1587", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6615 attached , child_tidptr=0x5555568435d0) = 6615 [pid 6615] chdir("./1587") = 0 [pid 6615] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6615] setpgid(0, 0) = 0 [pid 6615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6615] write(3, "1000", 4) = 4 [pid 6615] close(3) = 0 [pid 6615] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6615] memfd_create("syzkaller", 0) = 3 [pid 6615] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.642479][ T6614] loop0: detected capacity change from 0 to 4096 [ 176.651186][ T6614] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6615] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6615] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6615] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6615] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6615] close(3) = 0 [pid 6615] mkdir("./file0", 0777) = 0 [pid 6615] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6615] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6615] chdir("./file0") = 0 [pid 6615] ioctl(4, LOOP_CLR_FD) = 0 [pid 6615] close(4) = 0 [pid 6615] exit_group(0) = ? [pid 6615] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6615, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./1587", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1587", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1587/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1587/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1587/binderfs") = 0 umount2("./1587/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1587/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1587/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1587/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1587/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1587/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1587") = 0 mkdir("./1588", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6616 ./strace-static-x86_64: Process 6616 attached [pid 6616] chdir("./1588") = 0 [pid 6616] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6616] setpgid(0, 0) = 0 [pid 6616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6616] write(3, "1000", 4) = 4 [pid 6616] close(3) = 0 [pid 6616] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6616] memfd_create("syzkaller", 0) = 3 [pid 6616] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.726212][ T6615] loop0: detected capacity change from 0 to 4096 [ 176.734378][ T6615] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6616] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6616] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6616] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6616] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6616] close(3) = 0 [pid 6616] mkdir("./file0", 0777) = 0 [pid 6616] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6616] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6616] chdir("./file0") = 0 [pid 6616] ioctl(4, LOOP_CLR_FD) = 0 [pid 6616] close(4) = 0 [pid 6616] exit_group(0) = ? [pid 6616] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6616, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1588", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1588", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1588/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1588/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1588/binderfs") = 0 umount2("./1588/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1588/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1588/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1588/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1588/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1588/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1588") = 0 mkdir("./1589", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6617 ./strace-static-x86_64: Process 6617 attached [ 176.811550][ T6616] loop0: detected capacity change from 0 to 4096 [ 176.819957][ T6616] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6617] chdir("./1589") = 0 [pid 6617] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6617] setpgid(0, 0) = 0 [pid 6617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6617] write(3, "1000", 4) = 4 [pid 6617] close(3) = 0 [pid 6617] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6617] memfd_create("syzkaller", 0) = 3 [pid 6617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6617] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6617] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6617] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6617] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6617] close(3) = 0 [pid 6617] mkdir("./file0", 0777) = 0 [pid 6617] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6617] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6617] chdir("./file0") = 0 [pid 6617] ioctl(4, LOOP_CLR_FD) = 0 [pid 6617] close(4) = 0 [pid 6617] exit_group(0) = ? [pid 6617] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6617, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1589", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1589", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1589/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1589/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1589/binderfs") = 0 umount2("./1589/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1589/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1589/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1589/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1589/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1589/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1589") = 0 mkdir("./1590", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6618 ./strace-static-x86_64: Process 6618 attached [pid 6618] chdir("./1590") = 0 [pid 6618] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6618] setpgid(0, 0) = 0 [pid 6618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6618] write(3, "1000", 4) = 4 [pid 6618] close(3) = 0 [pid 6618] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6618] memfd_create("syzkaller", 0) = 3 [pid 6618] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.900420][ T6617] loop0: detected capacity change from 0 to 4096 [ 176.909358][ T6617] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6618] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6618] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6618] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6618] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6618] close(3) = 0 [pid 6618] mkdir("./file0", 0777) = 0 [pid 6618] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6618] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6618] chdir("./file0") = 0 [pid 6618] ioctl(4, LOOP_CLR_FD) = 0 [pid 6618] close(4) = 0 [pid 6618] exit_group(0) = ? [pid 6618] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6618, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1590", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1590", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1590/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1590/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1590/binderfs") = 0 umount2("./1590/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1590/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1590/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1590/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1590/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1590/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1590") = 0 mkdir("./1591", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6619 ./strace-static-x86_64: Process 6619 attached [pid 6619] chdir("./1591") = 0 [pid 6619] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6619] setpgid(0, 0) = 0 [pid 6619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6619] write(3, "1000", 4) = 4 [pid 6619] close(3) = 0 [pid 6619] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6619] memfd_create("syzkaller", 0) = 3 [pid 6619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 176.983869][ T6618] loop0: detected capacity change from 0 to 4096 [ 176.993262][ T6618] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6619] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6619] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6619] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6619] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6619] close(3) = 0 [pid 6619] mkdir("./file0", 0777) = 0 [pid 6619] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6619] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6619] chdir("./file0") = 0 [pid 6619] ioctl(4, LOOP_CLR_FD) = 0 [pid 6619] close(4) = 0 [pid 6619] exit_group(0) = ? [pid 6619] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6619, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1591", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1591", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1591/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1591/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1591/binderfs") = 0 umount2("./1591/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1591/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1591/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1591/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1591/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1591/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1591") = 0 mkdir("./1592", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6620 ./strace-static-x86_64: Process 6620 attached [pid 6620] chdir("./1592") = 0 [pid 6620] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6620] setpgid(0, 0) = 0 [pid 6620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6620] write(3, "1000", 4) = 4 [pid 6620] close(3) = 0 [pid 6620] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6620] memfd_create("syzkaller", 0) = 3 [pid 6620] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 177.061683][ T6619] loop0: detected capacity change from 0 to 4096 [ 177.070441][ T6619] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6620] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6620] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6620] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6620] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6620] close(3) = 0 [pid 6620] mkdir("./file0", 0777) = 0 [pid 6620] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6620] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6620] chdir("./file0") = 0 [pid 6620] ioctl(4, LOOP_CLR_FD) = 0 [pid 6620] close(4) = 0 [pid 6620] exit_group(0) = ? [pid 6620] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6620, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1592", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1592", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1592/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1592/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1592/binderfs") = 0 umount2("./1592/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1592/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1592/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1592/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1592/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1592/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1592") = 0 mkdir("./1593", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6621 attached , child_tidptr=0x5555568435d0) = 6621 [pid 6621] chdir("./1593") = 0 [pid 6621] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6621] setpgid(0, 0) = 0 [pid 6621] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6621] write(3, "1000", 4) = 4 [pid 6621] close(3) = 0 [pid 6621] symlink("/dev/binderfs", "./binderfs") = 0 [ 177.144143][ T6620] loop0: detected capacity change from 0 to 4096 [ 177.152585][ T6620] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6621] memfd_create("syzkaller", 0) = 3 [pid 6621] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6621] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6621] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6621] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6621] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6621] close(3) = 0 [pid 6621] mkdir("./file0", 0777) = 0 [pid 6621] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6621] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6621] chdir("./file0") = 0 [pid 6621] ioctl(4, LOOP_CLR_FD) = 0 [pid 6621] close(4) = 0 [pid 6621] exit_group(0) = ? [pid 6621] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6621, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1593", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1593", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1593/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1593/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1593/binderfs") = 0 umount2("./1593/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1593/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1593/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1593/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1593/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1593/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1593") = 0 mkdir("./1594", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6622 ./strace-static-x86_64: Process 6622 attached [pid 6622] chdir("./1594") = 0 [pid 6622] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6622] setpgid(0, 0) = 0 [pid 6622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6622] write(3, "1000", 4) = 4 [pid 6622] close(3) = 0 [pid 6622] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6622] memfd_create("syzkaller", 0) = 3 [pid 6622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 177.228447][ T6621] loop0: detected capacity change from 0 to 4096 [ 177.237438][ T6621] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6622] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6622] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6622] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6622] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6622] close(3) = 0 [pid 6622] mkdir("./file0", 0777) = 0 [pid 6622] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6622] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6622] chdir("./file0") = 0 [pid 6622] ioctl(4, LOOP_CLR_FD) = 0 [pid 6622] close(4) = 0 [pid 6622] exit_group(0) = ? [pid 6622] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6622, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1594", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1594", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1594/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1594/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1594/binderfs") = 0 umount2("./1594/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1594/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1594/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1594/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1594/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1594/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1594") = 0 mkdir("./1595", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6623 ./strace-static-x86_64: Process 6623 attached [pid 6623] chdir("./1595") = 0 [pid 6623] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6623] setpgid(0, 0) = 0 [pid 6623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6623] write(3, "1000", 4) = 4 [pid 6623] close(3) = 0 [pid 6623] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6623] memfd_create("syzkaller", 0) = 3 [pid 6623] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 177.310833][ T6622] loop0: detected capacity change from 0 to 4096 [ 177.319874][ T6622] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6623] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6623] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6623] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6623] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6623] close(3) = 0 [pid 6623] mkdir("./file0", 0777) = 0 [pid 6623] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6623] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6623] chdir("./file0") = 0 [pid 6623] ioctl(4, LOOP_CLR_FD) = 0 [pid 6623] close(4) = 0 [pid 6623] exit_group(0) = ? [pid 6623] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6623, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1595", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1595", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1595/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1595/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1595/binderfs") = 0 umount2("./1595/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1595/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1595/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1595/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1595/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1595/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1595") = 0 mkdir("./1596", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6624 attached , child_tidptr=0x5555568435d0) = 6624 [pid 6624] chdir("./1596") = 0 [pid 6624] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6624] setpgid(0, 0) = 0 [pid 6624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6624] write(3, "1000", 4) = 4 [pid 6624] close(3) = 0 [pid 6624] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6624] memfd_create("syzkaller", 0) = 3 [pid 6624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 177.390866][ T6623] loop0: detected capacity change from 0 to 4096 [ 177.399309][ T6623] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6624] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6624] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6624] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6624] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6624] close(3) = 0 [pid 6624] mkdir("./file0", 0777) = 0 [pid 6624] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6624] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6624] chdir("./file0") = 0 [pid 6624] ioctl(4, LOOP_CLR_FD) = 0 [pid 6624] close(4) = 0 [pid 6624] exit_group(0) = ? [pid 6624] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6624, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1596", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1596", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1596/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1596/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1596/binderfs") = 0 umount2("./1596/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1596/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1596/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1596/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1596/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1596/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1596") = 0 mkdir("./1597", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6625 ./strace-static-x86_64: Process 6625 attached [pid 6625] chdir("./1597") = 0 [pid 6625] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6625] setpgid(0, 0) = 0 [pid 6625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6625] write(3, "1000", 4) = 4 [pid 6625] close(3) = 0 [pid 6625] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6625] memfd_create("syzkaller", 0) = 3 [pid 6625] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 177.473569][ T6624] loop0: detected capacity change from 0 to 4096 [ 177.482683][ T6624] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6625] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6625] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6625] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6625] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6625] close(3) = 0 [pid 6625] mkdir("./file0", 0777) = 0 [pid 6625] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6625] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6625] chdir("./file0") = 0 [pid 6625] ioctl(4, LOOP_CLR_FD) = 0 [pid 6625] close(4) = 0 [pid 6625] exit_group(0) = ? [pid 6625] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6625, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1597", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1597", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1597/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1597/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1597/binderfs") = 0 umount2("./1597/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1597/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1597/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1597/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1597/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1597/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1597") = 0 mkdir("./1598", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6626 ./strace-static-x86_64: Process 6626 attached [pid 6626] chdir("./1598") = 0 [pid 6626] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6626] setpgid(0, 0) = 0 [pid 6626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6626] write(3, "1000", 4) = 4 [pid 6626] close(3) = 0 [pid 6626] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6626] memfd_create("syzkaller", 0) = 3 [pid 6626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 177.555694][ T6625] loop0: detected capacity change from 0 to 4096 [ 177.564956][ T6625] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6626] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6626] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6626] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6626] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6626] close(3) = 0 [pid 6626] mkdir("./file0", 0777) = 0 [pid 6626] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6626] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6626] chdir("./file0") = 0 [pid 6626] ioctl(4, LOOP_CLR_FD) = 0 [pid 6626] close(4) = 0 [pid 6626] exit_group(0) = ? [pid 6626] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6626, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1598", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1598", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1598/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1598/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1598/binderfs") = 0 umount2("./1598/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1598/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1598/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1598/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1598/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1598/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1598") = 0 mkdir("./1599", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 177.632619][ T6626] loop0: detected capacity change from 0 to 4096 [ 177.640878][ T6626] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6627 ./strace-static-x86_64: Process 6627 attached [pid 6627] chdir("./1599") = 0 [pid 6627] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6627] setpgid(0, 0) = 0 [pid 6627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6627] write(3, "1000", 4) = 4 [pid 6627] close(3) = 0 [pid 6627] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6627] memfd_create("syzkaller", 0) = 3 [pid 6627] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6627] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6627] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6627] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6627] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6627] close(3) = 0 [pid 6627] mkdir("./file0", 0777) = 0 [pid 6627] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6627] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6627] chdir("./file0") = 0 [pid 6627] ioctl(4, LOOP_CLR_FD) = 0 [pid 6627] close(4) = 0 [pid 6627] exit_group(0) = ? [pid 6627] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6627, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./1599", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1599", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1599/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1599/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1599/binderfs") = 0 umount2("./1599/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1599/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1599/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1599/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1599/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1599/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1599") = 0 mkdir("./1600", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6628 ./strace-static-x86_64: Process 6628 attached [pid 6628] chdir("./1600") = 0 [pid 6628] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6628] setpgid(0, 0) = 0 [pid 6628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6628] write(3, "1000", 4) = 4 [pid 6628] close(3) = 0 [pid 6628] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6628] memfd_create("syzkaller", 0) = 3 [pid 6628] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 177.721356][ T6627] loop0: detected capacity change from 0 to 4096 [ 177.730172][ T6627] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6628] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6628] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6628] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6628] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6628] close(3) = 0 [pid 6628] mkdir("./file0", 0777) = 0 [pid 6628] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6628] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6628] chdir("./file0") = 0 [pid 6628] ioctl(4, LOOP_CLR_FD) = 0 [pid 6628] close(4) = 0 [pid 6628] exit_group(0) = ? [pid 6628] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6628, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1600", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1600", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1600/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1600/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1600/binderfs") = 0 umount2("./1600/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1600/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1600/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1600/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1600/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1600/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1600") = 0 mkdir("./1601", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6629 ./strace-static-x86_64: Process 6629 attached [pid 6629] chdir("./1601") = 0 [pid 6629] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6629] setpgid(0, 0) = 0 [pid 6629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6629] write(3, "1000", 4) = 4 [ 177.804474][ T6628] loop0: detected capacity change from 0 to 4096 [ 177.813788][ T6628] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6629] close(3) = 0 [pid 6629] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6629] memfd_create("syzkaller", 0) = 3 [pid 6629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6629] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6629] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6629] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6629] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6629] close(3) = 0 [pid 6629] mkdir("./file0", 0777) = 0 [pid 6629] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6629] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6629] chdir("./file0") = 0 [pid 6629] ioctl(4, LOOP_CLR_FD) = 0 [pid 6629] close(4) = 0 [pid 6629] exit_group(0) = ? [pid 6629] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6629, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- umount2("./1601", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1601", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1601/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1601/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1601/binderfs") = 0 umount2("./1601/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1601/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1601/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1601/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1601/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1601/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1601") = 0 mkdir("./1602", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6630 ./strace-static-x86_64: Process 6630 attached [pid 6630] chdir("./1602") = 0 [pid 6630] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6630] setpgid(0, 0) = 0 [pid 6630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6630] write(3, "1000", 4) = 4 [pid 6630] close(3) = 0 [pid 6630] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6630] memfd_create("syzkaller", 0) = 3 [pid 6630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 177.887388][ T6629] loop0: detected capacity change from 0 to 4096 [ 177.896160][ T6629] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6630] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6630] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6630] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6630] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6630] close(3) = 0 [pid 6630] mkdir("./file0", 0777) = 0 [pid 6630] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6630] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6630] chdir("./file0") = 0 [pid 6630] ioctl(4, LOOP_CLR_FD) = 0 [pid 6630] close(4) = 0 [pid 6630] exit_group(0) = ? [pid 6630] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6630, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1602", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1602", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1602/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1602/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1602/binderfs") = 0 umount2("./1602/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1602/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1602/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1602/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1602/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1602/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1602") = 0 mkdir("./1603", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6631 ./strace-static-x86_64: Process 6631 attached [pid 6631] chdir("./1603") = 0 [pid 6631] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6631] setpgid(0, 0) = 0 [pid 6631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6631] write(3, "1000", 4) = 4 [pid 6631] close(3) = 0 [pid 6631] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6631] memfd_create("syzkaller", 0) = 3 [ 177.971073][ T6630] loop0: detected capacity change from 0 to 4096 [ 177.979626][ T6630] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6631] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6631] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6631] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6631] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6631] close(3) = 0 [pid 6631] mkdir("./file0", 0777) = 0 [pid 6631] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6631] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6631] chdir("./file0") = 0 [pid 6631] ioctl(4, LOOP_CLR_FD) = 0 [pid 6631] close(4) = 0 [pid 6631] exit_group(0) = ? [pid 6631] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6631, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- umount2("./1603", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1603", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1603/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1603/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1603/binderfs") = 0 umount2("./1603/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1603/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1603/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1603/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1603/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1603/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1603") = 0 mkdir("./1604", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6632 ./strace-static-x86_64: Process 6632 attached [pid 6632] chdir("./1604") = 0 [pid 6632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6632] setpgid(0, 0) = 0 [pid 6632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6632] write(3, "1000", 4) = 4 [pid 6632] close(3) = 0 [pid 6632] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6632] memfd_create("syzkaller", 0) = 3 [pid 6632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 178.054990][ T6631] loop0: detected capacity change from 0 to 4096 [ 178.064357][ T6631] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6632] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6632] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6632] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6632] close(3) = 0 [pid 6632] mkdir("./file0", 0777) = 0 [pid 6632] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6632] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6632] chdir("./file0") = 0 [pid 6632] ioctl(4, LOOP_CLR_FD) = 0 [pid 6632] close(4) = 0 [pid 6632] exit_group(0) = ? [pid 6632] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6632, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1604", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1604", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1604/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1604/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1604/binderfs") = 0 umount2("./1604/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1604/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1604/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1604/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1604/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1604/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1604") = 0 mkdir("./1605", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6633 ./strace-static-x86_64: Process 6633 attached [pid 6633] chdir("./1605") = 0 [pid 6633] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6633] setpgid(0, 0) = 0 [pid 6633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6633] write(3, "1000", 4) = 4 [pid 6633] close(3) = 0 [pid 6633] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6633] memfd_create("syzkaller", 0) = 3 [pid 6633] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 178.139700][ T6632] loop0: detected capacity change from 0 to 4096 [ 178.148642][ T6632] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6633] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6633] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6633] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6633] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6633] close(3) = 0 [pid 6633] mkdir("./file0", 0777) = 0 [pid 6633] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6633] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6633] chdir("./file0") = 0 [pid 6633] ioctl(4, LOOP_CLR_FD) = 0 [pid 6633] close(4) = 0 [pid 6633] exit_group(0) = ? [pid 6633] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6633, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1605", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1605", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1605/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1605/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1605/binderfs") = 0 umount2("./1605/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1605/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1605/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1605/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1605/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1605/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1605") = 0 mkdir("./1606", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 178.222499][ T6633] loop0: detected capacity change from 0 to 4096 [ 178.231665][ T6633] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6634 ./strace-static-x86_64: Process 6634 attached [pid 6634] chdir("./1606") = 0 [pid 6634] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6634] setpgid(0, 0) = 0 [pid 6634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6634] write(3, "1000", 4) = 4 [pid 6634] close(3) = 0 [pid 6634] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6634] memfd_create("syzkaller", 0) = 3 [pid 6634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6634] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6634] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6634] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6634] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6634] close(3) = 0 [pid 6634] mkdir("./file0", 0777) = 0 [pid 6634] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6634] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6634] chdir("./file0") = 0 [pid 6634] ioctl(4, LOOP_CLR_FD) = 0 [pid 6634] close(4) = 0 [pid 6634] exit_group(0) = ? [pid 6634] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6634, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1606", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1606", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1606/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1606/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1606/binderfs") = 0 umount2("./1606/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1606/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1606/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1606/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1606/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1606/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1606") = 0 mkdir("./1607", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6635 ./strace-static-x86_64: Process 6635 attached [pid 6635] chdir("./1607") = 0 [pid 6635] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 178.353867][ T6634] loop0: detected capacity change from 0 to 4096 [ 178.362322][ T6634] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6635] setpgid(0, 0) = 0 [pid 6635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6635] write(3, "1000", 4) = 4 [pid 6635] close(3) = 0 [pid 6635] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6635] memfd_create("syzkaller", 0) = 3 [pid 6635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6635] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6635] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6635] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6635] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6635] close(3) = 0 [pid 6635] mkdir("./file0", 0777) = 0 [pid 6635] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6635] chdir("./file0") = 0 [pid 6635] ioctl(4, LOOP_CLR_FD) = 0 [pid 6635] close(4) = 0 [pid 6635] exit_group(0) = ? [pid 6635] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6635, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- umount2("./1607", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1607", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1607/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1607/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1607/binderfs") = 0 umount2("./1607/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1607/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1607/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1607/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1607/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1607/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1607") = 0 mkdir("./1608", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6636 ./strace-static-x86_64: Process 6636 attached [ 178.440798][ T6635] loop0: detected capacity change from 0 to 4096 [ 178.449082][ T6635] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6636] chdir("./1608") = 0 [pid 6636] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6636] setpgid(0, 0) = 0 [pid 6636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6636] write(3, "1000", 4) = 4 [pid 6636] close(3) = 0 [pid 6636] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6636] memfd_create("syzkaller", 0) = 3 [pid 6636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6636] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6636] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6636] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6636] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6636] close(3) = 0 [pid 6636] mkdir("./file0", 0777) = 0 [pid 6636] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6636] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6636] chdir("./file0") = 0 [pid 6636] ioctl(4, LOOP_CLR_FD) = 0 [pid 6636] close(4) = 0 [pid 6636] exit_group(0) = ? [pid 6636] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6636, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1608", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1608", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1608/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1608/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1608/binderfs") = 0 umount2("./1608/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1608/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1608/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1608/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1608/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1608/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1608") = 0 mkdir("./1609", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6637 ./strace-static-x86_64: Process 6637 attached [pid 6637] chdir("./1609") = 0 [pid 6637] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6637] setpgid(0, 0) = 0 [pid 6637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6637] write(3, "1000", 4) = 4 [pid 6637] close(3) = 0 [pid 6637] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6637] memfd_create("syzkaller", 0) = 3 [pid 6637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 178.528492][ T6636] loop0: detected capacity change from 0 to 4096 [ 178.537234][ T6636] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6637] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6637] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6637] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6637] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6637] close(3) = 0 [pid 6637] mkdir("./file0", 0777) = 0 [pid 6637] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6637] chdir("./file0") = 0 [pid 6637] ioctl(4, LOOP_CLR_FD) = 0 [pid 6637] close(4) = 0 [pid 6637] exit_group(0) = ? [pid 6637] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6637, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1609", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1609", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1609/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1609/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1609/binderfs") = 0 umount2("./1609/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1609/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1609/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1609/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1609/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1609/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1609") = 0 mkdir("./1610", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6638 attached , child_tidptr=0x5555568435d0) = 6638 [pid 6638] chdir("./1610") = 0 [pid 6638] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6638] setpgid(0, 0) = 0 [pid 6638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6638] write(3, "1000", 4) = 4 [pid 6638] close(3) = 0 [pid 6638] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6638] memfd_create("syzkaller", 0) = 3 [pid 6638] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 178.603516][ T6637] loop0: detected capacity change from 0 to 4096 [ 178.612155][ T6637] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6638] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6638] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6638] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6638] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6638] close(3) = 0 [pid 6638] mkdir("./file0", 0777) = 0 [pid 6638] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6638] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6638] chdir("./file0") = 0 [pid 6638] ioctl(4, LOOP_CLR_FD) = 0 [pid 6638] close(4) = 0 [pid 6638] exit_group(0) = ? [pid 6638] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6638, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1610", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1610", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1610/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1610/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1610/binderfs") = 0 umount2("./1610/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1610/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1610/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1610/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1610/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1610/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1610") = 0 mkdir("./1611", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6639 ./strace-static-x86_64: Process 6639 attached [pid 6639] chdir("./1611") = 0 [pid 6639] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6639] setpgid(0, 0) = 0 [pid 6639] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6639] write(3, "1000", 4) = 4 [pid 6639] close(3) = 0 [pid 6639] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6639] memfd_create("syzkaller", 0) = 3 [ 178.685863][ T6638] loop0: detected capacity change from 0 to 4096 [ 178.694733][ T6638] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6639] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6639] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6639] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6639] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6639] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6639] close(3) = 0 [pid 6639] mkdir("./file0", 0777) = 0 [pid 6639] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6639] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6639] chdir("./file0") = 0 [pid 6639] ioctl(4, LOOP_CLR_FD) = 0 [pid 6639] close(4) = 0 [pid 6639] exit_group(0) = ? [pid 6639] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6639, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1611", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1611", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1611/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1611/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1611/binderfs") = 0 umount2("./1611/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1611/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1611/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1611/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1611/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1611/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1611") = 0 mkdir("./1612", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6640 ./strace-static-x86_64: Process 6640 attached [pid 6640] chdir("./1612") = 0 [pid 6640] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6640] setpgid(0, 0) = 0 [pid 6640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6640] write(3, "1000", 4) = 4 [ 178.769238][ T6639] loop0: detected capacity change from 0 to 4096 [ 178.777390][ T6639] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6640] close(3) = 0 [pid 6640] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6640] memfd_create("syzkaller", 0) = 3 [pid 6640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [pid 6640] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6640] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6640] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6640] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6640] close(3) = 0 [pid 6640] mkdir("./file0", 0777) = 0 [pid 6640] mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0 [pid 6640] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6640] chdir("./file0") = 0 [pid 6640] ioctl(4, LOOP_CLR_FD) = 0 [pid 6640] close(4) = 0 [pid 6640] exit_group(0) = ? [pid 6640] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6640, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1612", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1612", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(3, 0x555556844620 /* 4 entries */, 32768) = 112 umount2("./1612/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1612/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 unlink("./1612/binderfs") = 0 umount2("./1612/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 umount2("./1612/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) lstat("./1612/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 umount2("./1612/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1612/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents64(4, 0x55555684c660 /* 2 entries */, 32768) = 48 getdents64(4, 0x55555684c660 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1612/file0") = 0 getdents64(3, 0x555556844620 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1612") = 0 mkdir("./1613", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555568435d0) = 6641 ./strace-static-x86_64: Process 6641 attached [pid 6641] chdir("./1613") = 0 [pid 6641] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6641] setpgid(0, 0) = 0 [pid 6641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6641] write(3, "1000", 4) = 4 [pid 6641] close(3) = 0 [pid 6641] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6641] memfd_create("syzkaller", 0) = 3 [pid 6641] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6dd1e9000 [ 178.857336][ T6640] loop0: detected capacity change from 0 to 4096 [ 178.865868][ T6640] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 6641] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6641] munmap(0x7fa6dd1e9000, 2097152) = 0 [pid 6641] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6641] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6641] close(3) = 0 [pid 6641] mkdir("./file0", 0777) = 0 [ 178.935160][ T6641] loop0: detected capacity change from 0 to 4096 [ 178.944356][ T6641] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 178.956297][ T6641] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: __lock_acquire+0x4370/0x5e20 [ 178.967600][ T6641] CPU: 1 PID: 6641 Comm: syz-executor722 Not tainted 6.4.0-syzkaller-12491-gc192ac735768 #0 [ 178.977677][ T6641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023 [ 178.987724][ T6641] Call Trace: [ 178.991045][ T6641] [ 178.994003][ T6641] dump_stack_lvl+0xd9/0x150 [ 178.998601][ T6641] panic+0x686/0x730 [ 179.002483][ T6641] ? panic_smp_self_stop+0xa0/0xa0 [ 179.007593][ T6641] ? __lock_acquire+0x4370/0x5e20 [ 179.012618][ T6641] __stack_chk_fail+0x19/0x20 [ 179.017289][ T6641] __lock_acquire+0x4370/0x5e20 [ 179.022133][ T6641] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 179.028105][ T6641] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 179.034072][ T6641] ? lock_downgrade+0x690/0x690 [ 179.038912][ T6641] ? do_raw_spin_lock+0x124/0x2b0 [ 179.043928][ T6641] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 179.049901][ T6641] lock_acquire+0x1b1/0x520 [ 179.054397][ T6641] ? inode_wait_for_writeback+0x1e/0x40 [ 179.059938][ T6641] ? lock_sync+0x190/0x190 [ 179.064343][ T6641] ? evict+0x2aa/0x6b0 [ 179.068399][ T6641] ? lock_downgrade+0x690/0x690 [ 179.073236][ T6641] ? do_raw_spin_lock+0x124/0x2b0 [ 179.078249][ T6641] ? spin_bug+0x1c0/0x1c0 [ 179.082565][ T6641] _raw_spin_lock+0x2e/0x40 [ 179.087064][ T6641] ? inode_wait_for_writeback+0x1e/0x40 [ 179.092602][ T6641] inode_wait_for_writeback+0x1e/0x40 [ 179.098141][ T6641] evict+0x2b7/0x6b0 [ 179.102028][ T6641] iput.part.0+0x50a/0x740 [ 179.106437][ T6641] iput+0x5c/0x80 [ 179.110060][ T6641] ntfs_fill_super+0x3682/0x4240 [ 179.114997][ T6641] ? put_ntfs+0x330/0x330 [ 179.119317][ T6641] ? vsprintf+0x30/0x30 [ 179.123461][ T6641] ? set_blocksize+0x2d8/0x370 [ 179.128214][ T6641] get_tree_bdev+0x43e/0x7d0 [ 179.132787][ T6641] ? put_ntfs+0x330/0x330 [ 179.137107][ T6641] vfs_get_tree+0x8d/0x350 [ 179.141510][ T6641] path_mount+0x136e/0x1e70 [ 179.146000][ T6641] ? putname+0x102/0x140 [ 179.150232][ T6641] ? kmem_cache_free+0xf0/0x490 [ 179.155071][ T6641] ? finish_automount+0xa30/0xa30 [ 179.160173][ T6641] ? putname+0x102/0x140 [ 179.164407][ T6641] __x64_sys_mount+0x283/0x300 [ 179.169165][ T6641] ? copy_mnt_ns+0xb30/0xb30 [ 179.173739][ T6641] ? lockdep_hardirqs_on+0x7d/0x100 [ 179.178924][ T6641] ? _raw_spin_unlock_irq+0x2e/0x50 [ 179.184111][ T6641] ? ptrace_notify+0xfe/0x140 [ 179.188775][ T6641] do_syscall_64+0x39/0xb0 [ 179.193187][ T6641] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 179.199098][ T6641] RIP: 0033:0x7fa6e5637d2a [ 179.203509][ T6641] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 179.223126][ T6641] RSP: 002b:00007ffe389f75b8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 179.231531][ T6641] RAX: ffffffffffffffda RBX: 00005555568432c0 RCX: 00007fa6e5637d2a [ 179.239523][ T6641] RDX: 000000002001f800 RSI: 000000002001f840 RDI: 00007ffe389f7600 [ 179.247482][ T6641] RBP: 0000000000000000 R08: 00007ffe389f7640 R09: 000000000001f7f3 [ 179.255442][ T6641] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000004 [ 179.263402][ T6641] R13: 00007ffe389f7640 R14: 0000000000000003 R15: 00007ffe389f7600 [ 179.271367][ T6641] [ 179.275060][ T6641] Kernel Offset: disabled [ 179.279367][ T6641] Rebooting in 86400 seconds..