./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3804607171
<...>
forked to background, child pid 4641
no interfaces have a carrier
[ 29.564823][ T4642] 8021q: adding VLAN 0 to HW filter on device bond0
[ 29.574047][ T4642] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.132' (ECDSA) to the list of known hosts.
execve("./syz-executor3804607171", ["./syz-executor3804607171"], 0x7ffd06c41e00 /* 10 vars */) = 0
brk(NULL) = 0x555556411000
brk(0x555556411c40) = 0x555556411c40
arch_prctl(ARCH_SET_FS, 0x555556411300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3804607171", 4096) = 28
brk(0x555556432c40) = 0x555556432c40
brk(0x555556433000) = 0x555556433000
mprotect(0x7fe05beb4000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid() = 5074
mkdir("./syzkaller.AH5YIQ", 0700) = 0
chmod("./syzkaller.AH5YIQ", 0777) = 0
chdir("./syzkaller.AH5YIQ") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5075
./strace-static-x86_64: Process 5075 attached
[pid 5075] chdir("./0") = 0
[pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5075] setpgid(0, 0) = 0
[pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5075] write(3, "1000", 4) = 4
[pid 5075] close(3) = 0
[pid 5075] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5075] memfd_create("syzkaller", 0) = 3
[pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5075] munmap(0x7fe0539f9000, 262144) = 0
[pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5075] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5075] close(3) = 0
[pid 5075] mkdir("./file0", 0777) = 0
syzkaller login: [ 53.604693][ T5075] loop0: detected capacity change from 0 to 512
[ 53.614763][ T5075] =======================================================
[ 53.614763][ T5075] WARNING: The mand mount option has been deprecated and
[ 53.614763][ T5075] and is ignored by this kernel. Remove the mand
[ 53.614763][ T5075] option from the mount to silence this warning.
[ 53.614763][ T5075] =======================================================
[pid 5075] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5075] chdir("./file0") = 0
[pid 5075] ioctl(4, LOOP_CLR_FD) = 0
[pid 5075] close(4) = 0
[pid 5075] exit_group(0) = ?
[ 53.651663][ T5075] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 53.667394][ T5075] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.680963][ T5075] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.690135][ T5075] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[pid 5075] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5078
./strace-static-x86_64: Process 5078 attached
[pid 5078] chdir("./1") = 0
[pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5078] setpgid(0, 0) = 0
[pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5078] write(3, "1000", 4) = 4
[pid 5078] close(3) = 0
[pid 5078] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5078] memfd_create("syzkaller", 0) = 3
[pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5078] munmap(0x7fe0539f9000, 262144) = 0
[pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.709048][ T5075] syz-executor380 (5075) used greatest stack depth: 22480 bytes left
[ 53.728187][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5078] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5078] close(3) = 0
[pid 5078] mkdir("./file0", 0777) = 0
[ 53.770810][ T5078] loop0: detected capacity change from 0 to 512
[ 53.776685][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 53.791532][ T5078] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.802263][ T5078] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5078] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5078] chdir("./file0") = 0
[pid 5078] ioctl(4, LOOP_CLR_FD) = 0
[pid 5078] close(4) = 0
[pid 5078] exit_group(0) = ?
[pid 5078] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./1/binderfs") = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5080
./strace-static-x86_64: Process 5080 attached
[pid 5080] chdir("./2") = 0
[pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5080] setpgid(0, 0) = 0
[pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5080] write(3, "1000", 4) = 4
[pid 5080] close(3) = 0
[pid 5080] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5080] memfd_create("syzkaller", 0) = 3
[pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5080] munmap(0x7fe0539f9000, 262144) = 0
[pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.809828][ T5078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 53.834074][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5080] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5080] close(3) = 0
[pid 5080] mkdir("./file0", 0777) = 0
[pid 5080] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5080] chdir("./file0") = 0
[pid 5080] ioctl(4, LOOP_CLR_FD) = 0
[pid 5080] close(4) = 0
[pid 5080] exit_group(0) = ?
[pid 5080] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./2/binderfs") = 0
[ 53.875579][ T5080] loop0: detected capacity change from 0 to 512
[ 53.889695][ T5080] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.900138][ T5080] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.906433][ T5080] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5082
./strace-static-x86_64: Process 5082 attached
[pid 5082] chdir("./3") = 0
[pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5082] setpgid(0, 0) = 0
[pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5082] write(3, "1000", 4) = 4
[pid 5082] close(3) = 0
[pid 5082] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5082] memfd_create("syzkaller", 0) = 3
[pid 5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5082] munmap(0x7fe0539f9000, 262144) = 0
[pid 5082] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.931143][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5082] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5082] close(3) = 0
[pid 5082] mkdir("./file0", 0777) = 0
[pid 5082] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5082] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5082] chdir("./file0") = 0
[pid 5082] ioctl(4, LOOP_CLR_FD) = 0
[pid 5082] close(4) = 0
[pid 5082] exit_group(0) = ?
[pid 5082] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./3/binderfs") = 0
[ 53.981101][ T5082] loop0: detected capacity change from 0 to 512
[ 53.994222][ T5082] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.004916][ T5082] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.012336][ T5082] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5084
./strace-static-x86_64: Process 5084 attached
[pid 5084] chdir("./4") = 0
[pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5084] setpgid(0, 0) = 0
[pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5084] write(3, "1000", 4) = 4
[pid 5084] close(3) = 0
[pid 5084] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5084] memfd_create("syzkaller", 0) = 3
[pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5084] munmap(0x7fe0539f9000, 262144) = 0
[pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.036088][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5084] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5084] close(3) = 0
[pid 5084] mkdir("./file0", 0777) = 0
[pid 5084] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5084] chdir("./file0") = 0
[pid 5084] ioctl(4, LOOP_CLR_FD) = 0
[pid 5084] close(4) = 0
[pid 5084] exit_group(0) = ?
[pid 5084] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./4/binderfs") = 0
[ 54.090461][ T5084] loop0: detected capacity change from 0 to 512
[ 54.102120][ T5084] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.112147][ T5084] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.120959][ T5084] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5087
./strace-static-x86_64: Process 5087 attached
[pid 5087] chdir("./5") = 0
[pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5087] setpgid(0, 0) = 0
[pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5087] write(3, "1000", 4) = 4
[pid 5087] close(3) = 0
[pid 5087] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5087] memfd_create("syzkaller", 0) = 3
[pid 5087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5087] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5087] munmap(0x7fe0539f9000, 262144) = 0
[pid 5087] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.147844][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5087] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5087] close(3) = 0
[pid 5087] mkdir("./file0", 0777) = 0
[pid 5087] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5087] chdir("./file0") = 0
[pid 5087] ioctl(4, LOOP_CLR_FD) = 0
[pid 5087] close(4) = 0
[pid 5087] exit_group(0) = ?
[pid 5087] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./5/binderfs") = 0
[ 54.192158][ T5087] loop0: detected capacity change from 0 to 512
[ 54.204285][ T5087] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.215295][ T5087] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.221796][ T5087] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5089
./strace-static-x86_64: Process 5089 attached
[pid 5089] chdir("./6") = 0
[pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5089] setpgid(0, 0) = 0
[pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5089] write(3, "1000", 4) = 4
[pid 5089] close(3) = 0
[pid 5089] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5089] memfd_create("syzkaller", 0) = 3
[pid 5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5089] munmap(0x7fe0539f9000, 262144) = 0
[pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.251575][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5089] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5089] close(3) = 0
[pid 5089] mkdir("./file0", 0777) = 0
[pid 5089] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5089] chdir("./file0") = 0
[pid 5089] ioctl(4, LOOP_CLR_FD) = 0
[pid 5089] close(4) = 0
[pid 5089] exit_group(0) = ?
[pid 5089] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./6/binderfs") = 0
[ 54.298387][ T5089] loop0: detected capacity change from 0 to 512
[ 54.310915][ T5089] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.320726][ T5089] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.328677][ T5089] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5091
./strace-static-x86_64: Process 5091 attached
[pid 5091] chdir("./7") = 0
[pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5091] setpgid(0, 0) = 0
[pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5091] write(3, "1000", 4) = 4
[pid 5091] close(3) = 0
[pid 5091] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5091] memfd_create("syzkaller", 0) = 3
[pid 5091] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5091] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5091] munmap(0x7fe0539f9000, 262144) = 0
[pid 5091] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.360070][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5091] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5091] close(3) = 0
[pid 5091] mkdir("./file0", 0777) = 0
[pid 5091] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5091] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5091] chdir("./file0") = 0
[pid 5091] ioctl(4, LOOP_CLR_FD) = 0
[pid 5091] close(4) = 0
[pid 5091] exit_group(0) = ?
[pid 5091] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./7/binderfs") = 0
[ 54.414974][ T5091] loop0: detected capacity change from 0 to 512
[ 54.428057][ T5091] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.438385][ T5091] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.444928][ T5091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5093
./strace-static-x86_64: Process 5093 attached
[pid 5093] chdir("./8") = 0
[pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5093] setpgid(0, 0) = 0
[pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5093] write(3, "1000", 4) = 4
[pid 5093] close(3) = 0
[pid 5093] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5093] memfd_create("syzkaller", 0) = 3
[pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5093] munmap(0x7fe0539f9000, 262144) = 0
[pid 5093] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5093] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5093] close(3) = 0
[pid 5093] mkdir("./file0", 0777) = 0
[ 54.477044][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 54.514474][ T5093] loop0: detected capacity change from 0 to 512
[pid 5093] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5093] chdir("./file0") = 0
[pid 5093] ioctl(4, LOOP_CLR_FD) = 0
[pid 5093] close(4) = 0
[pid 5093] exit_group(0) = ?
[pid 5093] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./8/binderfs") = 0
[ 54.527775][ T5093] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.538309][ T5093] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.546418][ T5093] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5095
./strace-static-x86_64: Process 5095 attached
[pid 5095] chdir("./9") = 0
[pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5095] setpgid(0, 0) = 0
[pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5095] write(3, "1000", 4) = 4
[pid 5095] close(3) = 0
[pid 5095] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5095] memfd_create("syzkaller", 0) = 3
[ 54.572411][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5095] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5095] munmap(0x7fe0539f9000, 262144) = 0
[pid 5095] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5095] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5095] close(3) = 0
[pid 5095] mkdir("./file0", 0777) = 0
[pid 5095] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5095] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5095] chdir("./file0") = 0
[pid 5095] ioctl(4, LOOP_CLR_FD) = 0
[pid 5095] close(4) = 0
[pid 5095] exit_group(0) = ?
[pid 5095] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5095, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./9/binderfs") = 0
[ 54.638594][ T5095] loop0: detected capacity change from 0 to 512
[ 54.650004][ T5095] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.659933][ T5095] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.666448][ T5095] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./9") = 0
mkdir("./10", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5097
./strace-static-x86_64: Process 5097 attached
[pid 5097] chdir("./10") = 0
[pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5097] setpgid(0, 0) = 0
[pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5097] write(3, "1000", 4) = 4
[pid 5097] close(3) = 0
[pid 5097] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5097] memfd_create("syzkaller", 0) = 3
[pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5097] munmap(0x7fe0539f9000, 262144) = 0
[pid 5097] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.689627][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5097] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5097] close(3) = 0
[pid 5097] mkdir("./file0", 0777) = 0
[pid 5097] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5097] chdir("./file0") = 0
[pid 5097] ioctl(4, LOOP_CLR_FD) = 0
[pid 5097] close(4) = 0
[pid 5097] exit_group(0) = ?
[pid 5097] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./10/binderfs") = 0
[ 54.731964][ T5097] loop0: detected capacity change from 0 to 512
[ 54.744575][ T5097] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.755646][ T5097] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.763798][ T5097] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./10") = 0
mkdir("./11", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5099
./strace-static-x86_64: Process 5099 attached
[pid 5099] chdir("./11") = 0
[pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5099] setpgid(0, 0) = 0
[pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5099] write(3, "1000", 4) = 4
[pid 5099] close(3) = 0
[pid 5099] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5099] memfd_create("syzkaller", 0) = 3
[pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5099] munmap(0x7fe0539f9000, 262144) = 0
[pid 5099] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.796023][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5099] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5099] close(3) = 0
[pid 5099] mkdir("./file0", 0777) = 0
[pid 5099] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5099] chdir("./file0") = 0
[pid 5099] ioctl(4, LOOP_CLR_FD) = 0
[pid 5099] close(4) = 0
[pid 5099] exit_group(0) = ?
[pid 5099] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./11/binderfs") = 0
[ 54.840551][ T5099] loop0: detected capacity change from 0 to 512
[ 54.853193][ T5099] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.863789][ T5099] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.872295][ T5099] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./11") = 0
mkdir("./12", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5101
./strace-static-x86_64: Process 5101 attached
[pid 5101] chdir("./12") = 0
[pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5101] setpgid(0, 0) = 0
[pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5101] write(3, "1000", 4) = 4
[pid 5101] close(3) = 0
[pid 5101] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5101] memfd_create("syzkaller", 0) = 3
[pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5101] munmap(0x7fe0539f9000, 262144) = 0
[pid 5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5101] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5101] close(3) = 0
[pid 5101] mkdir("./file0", 0777) = 0
[ 54.896861][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 54.935219][ T5101] loop0: detected capacity change from 0 to 512
[pid 5101] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5101] chdir("./file0") = 0
[pid 5101] ioctl(4, LOOP_CLR_FD) = 0
[pid 5101] close(4) = 0
[pid 5101] exit_group(0) = ?
[pid 5101] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./12/binderfs") = 0
[ 54.949144][ T5101] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.960277][ T5101] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.986222][ T5101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./12") = 0
mkdir("./13", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5103
./strace-static-x86_64: Process 5103 attached
[pid 5103] chdir("./13") = 0
[pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5103] setpgid(0, 0) = 0
[pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5103] write(3, "1000", 4) = 4
[pid 5103] close(3) = 0
[pid 5103] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5103] memfd_create("syzkaller", 0) = 3
[pid 5103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5103] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5103] munmap(0x7fe0539f9000, 262144) = 0
[pid 5103] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.019553][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5103] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5103] close(3) = 0
[pid 5103] mkdir("./file0", 0777) = 0
[pid 5103] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5103] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5103] chdir("./file0") = 0
[pid 5103] ioctl(4, LOOP_CLR_FD) = 0
[pid 5103] close(4) = 0
[pid 5103] exit_group(0) = ?
[pid 5103] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./13/binderfs") = 0
[ 55.067606][ T5103] loop0: detected capacity change from 0 to 512
[ 55.079214][ T5103] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.089429][ T5103] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.098159][ T5103] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./13") = 0
mkdir("./14", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5105
./strace-static-x86_64: Process 5105 attached
[pid 5105] chdir("./14") = 0
[pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5105] setpgid(0, 0) = 0
[pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5105] write(3, "1000", 4) = 4
[pid 5105] close(3) = 0
[pid 5105] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5105] memfd_create("syzkaller", 0) = 3
[pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5105] munmap(0x7fe0539f9000, 262144) = 0
[pid 5105] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.131227][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5105] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5105] close(3) = 0
[pid 5105] mkdir("./file0", 0777) = 0
[pid 5105] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5105] chdir("./file0") = 0
[pid 5105] ioctl(4, LOOP_CLR_FD) = 0
[pid 5105] close(4) = 0
[pid 5105] exit_group(0) = ?
[pid 5105] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./14/binderfs") = 0
[ 55.177085][ T5105] loop0: detected capacity change from 0 to 512
[ 55.189156][ T5105] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.199511][ T5105] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.205913][ T5105] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./14") = 0
mkdir("./15", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5107
./strace-static-x86_64: Process 5107 attached
[pid 5107] chdir("./15") = 0
[pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5107] setpgid(0, 0) = 0
[pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5107] write(3, "1000", 4) = 4
[pid 5107] close(3) = 0
[pid 5107] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5107] memfd_create("syzkaller", 0) = 3
[pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5107] munmap(0x7fe0539f9000, 262144) = 0
[pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.230259][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5107] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5107] close(3) = 0
[pid 5107] mkdir("./file0", 0777) = 0
[pid 5107] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5107] chdir("./file0") = 0
[pid 5107] ioctl(4, LOOP_CLR_FD) = 0
[pid 5107] close(4) = 0
[pid 5107] exit_group(0) = ?
[pid 5107] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./15/binderfs") = 0
[ 55.281582][ T5107] loop0: detected capacity change from 0 to 512
[ 55.292678][ T5107] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.304095][ T5107] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.316352][ T5107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./15") = 0
mkdir("./16", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5109
./strace-static-x86_64: Process 5109 attached
[pid 5109] chdir("./16") = 0
[pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5109] setpgid(0, 0) = 0
[pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5109] write(3, "1000", 4) = 4
[pid 5109] close(3) = 0
[pid 5109] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5109] memfd_create("syzkaller", 0) = 3
[pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5109] munmap(0x7fe0539f9000, 262144) = 0
[pid 5109] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.343158][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5109] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5109] close(3) = 0
[pid 5109] mkdir("./file0", 0777) = 0
[pid 5109] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5109] chdir("./file0") = 0
[pid 5109] ioctl(4, LOOP_CLR_FD) = 0
[pid 5109] close(4) = 0
[pid 5109] exit_group(0) = ?
[pid 5109] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./16/binderfs") = 0
[ 55.403858][ T5109] loop0: detected capacity change from 0 to 512
[ 55.415175][ T5109] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.425615][ T5109] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.433528][ T5109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./16") = 0
mkdir("./17", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5111
./strace-static-x86_64: Process 5111 attached
[pid 5111] chdir("./17") = 0
[pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5111] setpgid(0, 0) = 0
[pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5111] write(3, "1000", 4) = 4
[pid 5111] close(3) = 0
[pid 5111] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5111] memfd_create("syzkaller", 0) = 3
[pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5111] munmap(0x7fe0539f9000, 262144) = 0
[pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.473089][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5111] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5111] close(3) = 0
[pid 5111] mkdir("./file0", 0777) = 0
[pid 5111] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5111] chdir("./file0") = 0
[pid 5111] ioctl(4, LOOP_CLR_FD) = 0
[pid 5111] close(4) = 0
[pid 5111] exit_group(0) = ?
[pid 5111] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./17/binderfs") = 0
[ 55.527974][ T5111] loop0: detected capacity change from 0 to 512
[ 55.539138][ T5111] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.550138][ T5111] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.558077][ T5111] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./17") = 0
mkdir("./18", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5113
./strace-static-x86_64: Process 5113 attached
[pid 5113] chdir("./18") = 0
[pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5113] setpgid(0, 0) = 0
[pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5113] write(3, "1000", 4) = 4
[pid 5113] close(3) = 0
[pid 5113] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5113] memfd_create("syzkaller", 0) = 3
[pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5113] munmap(0x7fe0539f9000, 262144) = 0
[pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.585385][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5113] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5113] close(3) = 0
[pid 5113] mkdir("./file0", 0777) = 0
[pid 5113] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5113] chdir("./file0") = 0
[pid 5113] ioctl(4, LOOP_CLR_FD) = 0
[pid 5113] close(4) = 0
[pid 5113] exit_group(0) = ?
[pid 5113] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./18/binderfs") = 0
[ 55.641173][ T5113] loop0: detected capacity change from 0 to 512
[ 55.652959][ T5113] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.664016][ T5113] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.676737][ T5113] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./18") = 0
mkdir("./19", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5115 attached
, child_tidptr=0x5555564115d0) = 5115
[pid 5115] chdir("./19") = 0
[pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5115] setpgid(0, 0) = 0
[pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5115] write(3, "1000", 4) = 4
[pid 5115] close(3) = 0
[pid 5115] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5115] memfd_create("syzkaller", 0) = 3
[pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5115] munmap(0x7fe0539f9000, 262144) = 0
[pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.702670][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5115] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5115] close(3) = 0
[pid 5115] mkdir("./file0", 0777) = 0
[pid 5115] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5115] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5115] chdir("./file0") = 0
[pid 5115] ioctl(4, LOOP_CLR_FD) = 0
[pid 5115] close(4) = 0
[pid 5115] exit_group(0) = ?
[pid 5115] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./19/binderfs") = 0
[ 55.750896][ T5115] loop0: detected capacity change from 0 to 512
[ 55.764454][ T5115] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.774477][ T5115] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.786359][ T5115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./19") = 0
mkdir("./20", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5117
./strace-static-x86_64: Process 5117 attached
[pid 5117] chdir("./20") = 0
[pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5117] setpgid(0, 0) = 0
[pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5117] write(3, "1000", 4) = 4
[pid 5117] close(3) = 0
[pid 5117] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5117] memfd_create("syzkaller", 0) = 3
[pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5117] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5117] munmap(0x7fe0539f9000, 262144) = 0
[pid 5117] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.809395][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5117] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5117] close(3) = 0
[pid 5117] mkdir("./file0", 0777) = 0
[pid 5117] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5117] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5117] chdir("./file0") = 0
[pid 5117] ioctl(4, LOOP_CLR_FD) = 0
[pid 5117] close(4) = 0
[pid 5117] exit_group(0) = ?
[pid 5117] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./20/binderfs") = 0
[ 55.855308][ T5117] loop0: detected capacity change from 0 to 512
[ 55.868373][ T5117] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.880804][ T5117] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.887887][ T5117] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./20") = 0
mkdir("./21", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5119
./strace-static-x86_64: Process 5119 attached
[pid 5119] chdir("./21") = 0
[pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5119] setpgid(0, 0) = 0
[pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5119] write(3, "1000", 4) = 4
[pid 5119] close(3) = 0
[pid 5119] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5119] memfd_create("syzkaller", 0) = 3
[pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5119] munmap(0x7fe0539f9000, 262144) = 0
[pid 5119] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.922445][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5119] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5119] close(3) = 0
[pid 5119] mkdir("./file0", 0777) = 0
[pid 5119] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5119] chdir("./file0") = 0
[pid 5119] ioctl(4, LOOP_CLR_FD) = 0
[pid 5119] close(4) = 0
[pid 5119] exit_group(0) = ?
[pid 5119] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./21/binderfs") = 0
[ 55.981953][ T5119] loop0: detected capacity change from 0 to 512
[ 55.993437][ T5119] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.004198][ T5119] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.012463][ T5119] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./21") = 0
mkdir("./22", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5121
./strace-static-x86_64: Process 5121 attached
[pid 5121] chdir("./22") = 0
[pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5121] setpgid(0, 0) = 0
[pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5121] write(3, "1000", 4) = 4
[pid 5121] close(3) = 0
[pid 5121] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5121] memfd_create("syzkaller", 0) = 3
[pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5121] munmap(0x7fe0539f9000, 262144) = 0
[pid 5121] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.036208][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5121] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5121] close(3) = 0
[pid 5121] mkdir("./file0", 0777) = 0
[pid 5121] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5121] chdir("./file0") = 0
[pid 5121] ioctl(4, LOOP_CLR_FD) = 0
[pid 5121] close(4) = 0
[pid 5121] exit_group(0) = ?
[pid 5121] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./22/binderfs") = 0
[ 56.083093][ T5121] loop0: detected capacity change from 0 to 512
[ 56.095259][ T5121] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.104829][ T5121] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.116484][ T5121] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./22") = 0
mkdir("./23", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5123 attached
, child_tidptr=0x5555564115d0) = 5123
[pid 5123] chdir("./23") = 0
[pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5123] setpgid(0, 0) = 0
[pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5123] write(3, "1000", 4) = 4
[pid 5123] close(3) = 0
[pid 5123] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5123] memfd_create("syzkaller", 0) = 3
[pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 56.144004][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5123] munmap(0x7fe0539f9000, 262144) = 0
[pid 5123] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5123] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5123] close(3) = 0
[pid 5123] mkdir("./file0", 0777) = 0
[pid 5123] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5123] chdir("./file0") = 0
[pid 5123] ioctl(4, LOOP_CLR_FD) = 0
[pid 5123] close(4) = 0
[ 56.209784][ T5123] loop0: detected capacity change from 0 to 512
[ 56.221998][ T5123] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.232345][ T5123] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.240484][ T5123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[pid 5123] exit_group(0) = ?
[pid 5123] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./23/binderfs") = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./23") = 0
mkdir("./24", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5125
./strace-static-x86_64: Process 5125 attached
[pid 5125] chdir("./24") = 0
[pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5125] setpgid(0, 0) = 0
[pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5125] write(3, "1000", 4) = 4
[pid 5125] close(3) = 0
[pid 5125] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5125] memfd_create("syzkaller", 0) = 3
[pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5125] munmap(0x7fe0539f9000, 262144) = 0
[pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.263168][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5125] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5125] close(3) = 0
[pid 5125] mkdir("./file0", 0777) = 0
[pid 5125] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5125] chdir("./file0") = 0
[pid 5125] ioctl(4, LOOP_CLR_FD) = 0
[pid 5125] close(4) = 0
[pid 5125] exit_group(0) = ?
[pid 5125] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./24/binderfs") = 0
[ 56.312811][ T5125] loop0: detected capacity change from 0 to 512
[ 56.324634][ T5125] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.335084][ T5125] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.346372][ T5125] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./24") = 0
mkdir("./25", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5127
./strace-static-x86_64: Process 5127 attached
[pid 5127] chdir("./25") = 0
[pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5127] setpgid(0, 0) = 0
[pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5127] write(3, "1000", 4) = 4
[pid 5127] close(3) = 0
[pid 5127] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5127] memfd_create("syzkaller", 0) = 3
[pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5127] munmap(0x7fe0539f9000, 262144) = 0
[pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.375128][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5127] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5127] close(3) = 0
[pid 5127] mkdir("./file0", 0777) = 0
[pid 5127] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5127] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5127] chdir("./file0") = 0
[pid 5127] ioctl(4, LOOP_CLR_FD) = 0
[pid 5127] close(4) = 0
[pid 5127] exit_group(0) = ?
[pid 5127] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./25/binderfs") = 0
[ 56.420151][ T5127] loop0: detected capacity change from 0 to 512
[ 56.433496][ T5127] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.443994][ T5127] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.456542][ T5127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./25/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./25") = 0
mkdir("./26", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5129
./strace-static-x86_64: Process 5129 attached
[pid 5129] chdir("./26") = 0
[pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5129] setpgid(0, 0) = 0
[pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5129] write(3, "1000", 4) = 4
[pid 5129] close(3) = 0
[pid 5129] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5129] memfd_create("syzkaller", 0) = 3
[pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 56.478915][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5129] munmap(0x7fe0539f9000, 262144) = 0
[pid 5129] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5129] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5129] close(3) = 0
[pid 5129] mkdir("./file0", 0777) = 0
[pid 5129] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5129] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5129] chdir("./file0") = 0
[pid 5129] ioctl(4, LOOP_CLR_FD) = 0
[pid 5129] close(4) = 0
[pid 5129] exit_group(0) = ?
[pid 5129] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./26/binderfs") = 0
[ 56.546350][ T5129] loop0: detected capacity change from 0 to 512
[ 56.558633][ T5129] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.568712][ T5129] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.576264][ T5129] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./26/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./26") = 0
mkdir("./27", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5131
./strace-static-x86_64: Process 5131 attached
[pid 5131] chdir("./27") = 0
[pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5131] setpgid(0, 0) = 0
[pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5131] write(3, "1000", 4) = 4
[pid 5131] close(3) = 0
[pid 5131] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5131] memfd_create("syzkaller", 0) = 3
[pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5131] munmap(0x7fe0539f9000, 262144) = 0
[pid 5131] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.607777][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5131] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5131] close(3) = 0
[pid 5131] mkdir("./file0", 0777) = 0
[ 56.649472][ T5131] loop0: detected capacity change from 0 to 512
[ 56.652341][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 56.671020][ T5131] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.680857][ T5131] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5131] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5131] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5131] chdir("./file0") = 0
[pid 5131] ioctl(4, LOOP_CLR_FD) = 0
[pid 5131] close(4) = 0
[pid 5131] exit_group(0) = ?
[pid 5131] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./27/binderfs") = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./27/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./27") = 0
mkdir("./28", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5133
./strace-static-x86_64: Process 5133 attached
[pid 5133] chdir("./28") = 0
[pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5133] setpgid(0, 0) = 0
[pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5133] write(3, "1000", 4) = 4
[pid 5133] close(3) = 0
[pid 5133] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5133] memfd_create("syzkaller", 0) = 3
[pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 56.706843][ T5131] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 56.739005][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5133] munmap(0x7fe0539f9000, 262144) = 0
[pid 5133] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5133] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5133] close(3) = 0
[pid 5133] mkdir("./file0", 0777) = 0
[pid 5133] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5133] chdir("./file0") = 0
[pid 5133] ioctl(4, LOOP_CLR_FD) = 0
[pid 5133] close(4) = 0
[pid 5133] exit_group(0) = ?
[pid 5133] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./28/binderfs") = 0
[ 56.791523][ T5133] loop0: detected capacity change from 0 to 512
[ 56.803370][ T5133] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.813329][ T5133] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.826545][ T5133] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./28/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./28") = 0
mkdir("./29", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5135
./strace-static-x86_64: Process 5135 attached
[pid 5135] chdir("./29") = 0
[pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5135] setpgid(0, 0) = 0
[pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5135] write(3, "1000", 4) = 4
[pid 5135] close(3) = 0
[pid 5135] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5135] memfd_create("syzkaller", 0) = 3
[pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5135] munmap(0x7fe0539f9000, 262144) = 0
[pid 5135] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.855307][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5135] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5135] close(3) = 0
[pid 5135] mkdir("./file0", 0777) = 0
[ 56.915880][ T5135] loop0: detected capacity change from 0 to 512
[ 56.927745][ T5135] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.937120][ T5135] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5135] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5135] chdir("./file0") = 0
[pid 5135] ioctl(4, LOOP_CLR_FD) = 0
[pid 5135] close(4) = 0
[pid 5135] exit_group(0) = ?
[pid 5135] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./29/binderfs") = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./29/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./29") = 0
mkdir("./30", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5137
./strace-static-x86_64: Process 5137 attached
[ 56.966218][ T5135] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 56.998974][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5137] chdir("./30") = 0
[pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5137] setpgid(0, 0) = 0
[pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5137] write(3, "1000", 4) = 4
[pid 5137] close(3) = 0
[pid 5137] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5137] memfd_create("syzkaller", 0) = 3
[pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5137] munmap(0x7fe0539f9000, 262144) = 0
[pid 5137] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5137] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5137] close(3) = 0
[pid 5137] mkdir("./file0", 0777) = 0
[ 57.091488][ T5137] loop0: detected capacity change from 0 to 512
[ 57.117547][ T5137] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.130182][ T5137] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5137] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5137] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5137] chdir("./file0") = 0
[pid 5137] ioctl(4, LOOP_CLR_FD) = 0
[pid 5137] close(4) = 0
[pid 5137] exit_group(0) = ?
[pid 5137] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./30/binderfs") = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./30/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./30") = 0
mkdir("./31", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5139
./strace-static-x86_64: Process 5139 attached
[pid 5139] chdir("./31") = 0
[pid 5139] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5139] setpgid(0, 0) = 0
[pid 5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5139] write(3, "1000", 4) = 4
[pid 5139] close(3) = 0
[pid 5139] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5139] memfd_create("syzkaller", 0) = 3
[pid 5139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 57.146112][ T5137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 57.170711][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5139] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5139] munmap(0x7fe0539f9000, 262144) = 0
[pid 5139] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5139] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5139] close(3) = 0
[pid 5139] mkdir("./file0", 0777) = 0
[ 57.210583][ T5139] loop0: detected capacity change from 0 to 512
[ 57.214928][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 57.230977][ T5139] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.245589][ T5139] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5139] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5139] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5139] chdir("./file0") = 0
[pid 5139] ioctl(4, LOOP_CLR_FD) = 0
[pid 5139] close(4) = 0
[pid 5139] exit_group(0) = ?
[pid 5139] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./31/binderfs") = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./31/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./31") = 0
mkdir("./32", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5141
./strace-static-x86_64: Process 5141 attached
[pid 5141] chdir("./32") = 0
[pid 5141] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5141] setpgid(0, 0) = 0
[pid 5141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5141] write(3, "1000", 4) = 4
[pid 5141] close(3) = 0
[pid 5141] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5141] memfd_create("syzkaller", 0) = 3
[pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5141] munmap(0x7fe0539f9000, 262144) = 0
[pid 5141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 57.256639][ T5139] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 57.282975][ T5074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5141] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5141] close(3) = 0
[pid 5141] mkdir("./file0", 0777) = 0
[pid 5141] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5141] chdir("./file0") = 0
[pid 5141] ioctl(4, LOOP_CLR_FD) = 0
[pid 5141] close(4) = 0
[pid 5141] exit_group(0) = ?
[pid 5141] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5141, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./32/binderfs") = 0
[ 57.330816][ T5141] loop0: detected capacity change from 0 to 512
[ 57.333555][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 57.351452][ T5141] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.361575][ T5141] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./32/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./32") = 0
mkdir("./33", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5143
./strace-static-x86_64: Process 5143 attached
[pid 5143] chdir("./33") = 0
[pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5143] setpgid(0, 0) = 0
[pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5143] write(3, "1000", 4) = 4
[pid 5143] close(3) = 0
[pid 5143] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5143] memfd_create("syzkaller", 0) = 3
[pid 5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5143] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5143] munmap(0x7fe0539f9000, 262144) = 0
[pid 5143] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5143] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5143] close(3) = 0
[pid 5143] mkdir("./file0", 0777) = 0
[pid 5143] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5143] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5143] chdir("./file0") = 0
[pid 5143] ioctl(4, LOOP_CLR_FD) = 0
[pid 5143] close(4) = 0
[pid 5143] exit_group(0) = ?
[pid 5143] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./33/binderfs") = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./33/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./33") = 0
mkdir("./34", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5145
./strace-static-x86_64: Process 5145 attached
[pid 5145] chdir("./34") = 0
[pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5145] setpgid(0, 0) = 0
[pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[ 57.442019][ T5143] loop0: detected capacity change from 0 to 512
[ 57.447058][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 57.461796][ T5143] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.472431][ T5143] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5145] write(3, "1000", 4) = 4
[pid 5145] close(3) = 0
[pid 5145] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5145] memfd_create("syzkaller", 0) = 3
[pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5145] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5145] munmap(0x7fe0539f9000, 262144) = 0
[pid 5145] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5145] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5145] close(3) = 0
[pid 5145] mkdir("./file0", 0777) = 0
[pid 5145] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5145] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5145] chdir("./file0") = 0
[pid 5145] ioctl(4, LOOP_CLR_FD) = 0
[pid 5145] close(4) = 0
[pid 5145] exit_group(0) = ?
[pid 5145] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./34/binderfs") = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[ 57.538791][ T5145] loop0: detected capacity change from 0 to 512
[ 57.551399][ T5145] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.561039][ T5145] EXT4-fs (loop0): 1 truncate cleaned up
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./34/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./34") = 0
mkdir("./35", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5147
./strace-static-x86_64: Process 5147 attached
[pid 5147] chdir("./35") = 0
[pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5147] setpgid(0, 0) = 0
[pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5147] write(3, "1000", 4) = 4
[pid 5147] close(3) = 0
[pid 5147] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5147] memfd_create("syzkaller", 0) = 3
[pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5147] munmap(0x7fe0539f9000, 262144) = 0
[pid 5147] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5147] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5147] close(3) = 0
[pid 5147] mkdir("./file0", 0777) = 0
[pid 5147] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5147] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5147] chdir("./file0") = 0
[pid 5147] ioctl(4, LOOP_CLR_FD) = 0
[pid 5147] close(4) = 0
[pid 5147] exit_group(0) = ?
[pid 5147] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5147, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./35/binderfs") = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./35/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./35") = 0
mkdir("./36", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5149
./strace-static-x86_64: Process 5149 attached
[ 57.640315][ T5147] loop0: detected capacity change from 0 to 512
[ 57.646659][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 57.660796][ T5147] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.670753][ T5147] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5149] chdir("./36") = 0
[pid 5149] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5149] setpgid(0, 0) = 0
[pid 5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5149] write(3, "1000", 4) = 4
[pid 5149] close(3) = 0
[pid 5149] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5149] memfd_create("syzkaller", 0) = 3
[pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5149] munmap(0x7fe0539f9000, 262144) = 0
[pid 5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5149] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5149] close(3) = 0
[pid 5149] mkdir("./file0", 0777) = 0
[pid 5149] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5149] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5149] chdir("./file0") = 0
[pid 5149] ioctl(4, LOOP_CLR_FD) = 0
[pid 5149] close(4) = 0
[pid 5149] exit_group(0) = ?
[pid 5149] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5149, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./36/binderfs") = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./36/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./36") = 0
mkdir("./37", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5151
./strace-static-x86_64: Process 5151 attached
[pid 5151] chdir("./37") = 0
[pid 5151] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[ 57.729100][ T5149] loop0: detected capacity change from 0 to 512
[ 57.730612][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 57.749690][ T5149] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.764027][ T5149] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5151] setpgid(0, 0) = 0
[pid 5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5151] write(3, "1000", 4) = 4
[pid 5151] close(3) = 0
[pid 5151] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5151] memfd_create("syzkaller", 0) = 3
[pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5151] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5151] munmap(0x7fe0539f9000, 262144) = 0
[pid 5151] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5151] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5151] close(3) = 0
[pid 5151] mkdir("./file0", 0777) = 0
[pid 5151] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5151] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5151] chdir("./file0") = 0
[pid 5151] ioctl(4, LOOP_CLR_FD) = 0
[pid 5151] close(4) = 0
[pid 5151] exit_group(0) = ?
[pid 5151] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5151, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./37/binderfs") = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./37/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./37") = 0
mkdir("./38", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5153
./strace-static-x86_64: Process 5153 attached
[pid 5153] chdir("./38") = 0
[pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5153] setpgid(0, 0) = 0
[pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[ 57.826603][ T5151] loop0: detected capacity change from 0 to 512
[ 57.839939][ T5151] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.849930][ T5151] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5153] write(3, "1000", 4) = 4
[pid 5153] close(3) = 0
[pid 5153] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5153] memfd_create("syzkaller", 0) = 3
[pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5153] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5153] munmap(0x7fe0539f9000, 262144) = 0
[pid 5153] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5153] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5153] close(3) = 0
[pid 5153] mkdir("./file0", 0777) = 0
[pid 5153] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5153] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5153] chdir("./file0") = 0
[pid 5153] ioctl(4, LOOP_CLR_FD) = 0
[pid 5153] close(4) = 0
[pid 5153] exit_group(0) = ?
[pid 5153] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5153, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./38/binderfs") = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./38/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./38") = 0
mkdir("./39", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5155
./strace-static-x86_64: Process 5155 attached
[pid 5155] chdir("./39") = 0
[pid 5155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5155] setpgid(0, 0) = 0
[pid 5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[ 57.924619][ T5153] loop0: detected capacity change from 0 to 512
[ 57.937858][ T5153] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.948564][ T5153] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5155] write(3, "1000", 4) = 4
[pid 5155] close(3) = 0
[pid 5155] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5155] memfd_create("syzkaller", 0) = 3
[pid 5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5155] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5155] munmap(0x7fe0539f9000, 262144) = 0
[pid 5155] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5155] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5155] close(3) = 0
[pid 5155] mkdir("./file0", 0777) = 0
[pid 5155] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5155] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5155] chdir("./file0") = 0
[pid 5155] ioctl(4, LOOP_CLR_FD) = 0
[pid 5155] close(4) = 0
[pid 5155] exit_group(0) = ?
[pid 5155] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5155, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./39/binderfs") = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./39/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./39") = 0
mkdir("./40", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5157
./strace-static-x86_64: Process 5157 attached
[pid 5157] chdir("./40") = 0
[pid 5157] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5157] setpgid(0, 0) = 0
[pid 5157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5157] write(3, "1000", 4) = 4
[pid 5157] close(3) = 0
[pid 5157] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5157] memfd_create("syzkaller", 0) = 3
[pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5157] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 58.021653][ T5155] loop0: detected capacity change from 0 to 512
[ 58.034193][ T5155] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.043882][ T5155] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5157] munmap(0x7fe0539f9000, 262144) = 0
[pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5157] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5157] close(3) = 0
[pid 5157] mkdir("./file0", 0777) = 0
[pid 5157] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5157] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5157] chdir("./file0") = 0
[pid 5157] ioctl(4, LOOP_CLR_FD) = 0
[pid 5157] close(4) = 0
[pid 5157] exit_group(0) = ?
[pid 5157] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5157, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./40/binderfs") = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
[ 58.107501][ T5157] loop0: detected capacity change from 0 to 512
[ 58.119070][ T5157] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.129222][ T5157] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./40/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./40") = 0
mkdir("./41", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5159
./strace-static-x86_64: Process 5159 attached
[pid 5159] chdir("./41") = 0
[pid 5159] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5159] setpgid(0, 0) = 0
[pid 5159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5159] write(3, "1000", 4) = 4
[pid 5159] close(3) = 0
[pid 5159] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5159] memfd_create("syzkaller", 0) = 3
[pid 5159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5159] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5159] munmap(0x7fe0539f9000, 262144) = 0
[pid 5159] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5159] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5159] close(3) = 0
[pid 5159] mkdir("./file0", 0777) = 0
[pid 5159] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5159] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5159] chdir("./file0") = 0
[pid 5159] ioctl(4, LOOP_CLR_FD) = 0
[pid 5159] close(4) = 0
[pid 5159] exit_group(0) = ?
[pid 5159] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5159, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./41/binderfs") = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./41/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./41") = 0
mkdir("./42", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5161
./strace-static-x86_64: Process 5161 attached
[pid 5161] chdir("./42") = 0
[pid 5161] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5161] setpgid(0, 0) = 0
[pid 5161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5161] write(3, "1000", 4) = 4
[pid 5161] close(3) = 0
[pid 5161] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5161] memfd_create("syzkaller", 0) = 3
[pid 5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5161] munmap(0x7fe0539f9000, 262144) = 0
[pid 5161] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 58.219095][ T5159] loop0: detected capacity change from 0 to 512
[ 58.230710][ T5159] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.240729][ T5159] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5161] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5161] close(3) = 0
[pid 5161] mkdir("./file0", 0777) = 0
[pid 5161] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5161] chdir("./file0") = 0
[pid 5161] ioctl(4, LOOP_CLR_FD) = 0
[pid 5161] close(4) = 0
[pid 5161] exit_group(0) = ?
[pid 5161] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5161, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./42/binderfs") = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 58.297759][ T5161] loop0: detected capacity change from 0 to 512
[ 58.309445][ T5161] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.319688][ T5161] EXT4-fs (loop0): 1 truncate cleaned up
openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./42/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./42") = 0
mkdir("./43", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5163
./strace-static-x86_64: Process 5163 attached
[pid 5163] chdir("./43") = 0
[pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5163] setpgid(0, 0) = 0
[pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5163] write(3, "1000", 4) = 4
[pid 5163] close(3) = 0
[pid 5163] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5163] memfd_create("syzkaller", 0) = 3
[pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5163] munmap(0x7fe0539f9000, 262144) = 0
[pid 5163] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5163] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5163] close(3) = 0
[pid 5163] mkdir("./file0", 0777) = 0
[pid 5163] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5163] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5163] chdir("./file0") = 0
[pid 5163] ioctl(4, LOOP_CLR_FD) = 0
[pid 5163] close(4) = 0
[pid 5163] exit_group(0) = ?
[pid 5163] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./43/binderfs") = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./43/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./43") = 0
mkdir("./44", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5165
./strace-static-x86_64: Process 5165 attached
[pid 5165] chdir("./44") = 0
[pid 5165] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5165] setpgid(0, 0) = 0
[pid 5165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5165] write(3, "1000", 4) = 4
[pid 5165] close(3) = 0
[pid 5165] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5165] memfd_create("syzkaller", 0) = 3
[pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 58.402985][ T5163] loop0: detected capacity change from 0 to 512
[ 58.414866][ T5163] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.425216][ T5163] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5165] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5165] munmap(0x7fe0539f9000, 262144) = 0
[pid 5165] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5165] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5165] close(3) = 0
[pid 5165] mkdir("./file0", 0777) = 0
[pid 5165] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5165] chdir("./file0") = 0
[pid 5165] ioctl(4, LOOP_CLR_FD) = 0
[pid 5165] close(4) = 0
[pid 5165] exit_group(0) = ?
[pid 5165] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5165, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./44/binderfs") = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./44/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./44") = 0
mkdir("./45", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5167
./strace-static-x86_64: Process 5167 attached
[pid 5167] chdir("./45") = 0
[pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5167] setpgid(0, 0) = 0
[pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[ 58.489849][ T5165] loop0: detected capacity change from 0 to 512
[ 58.501483][ T5165] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.511151][ T5165] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5167] write(3, "1000", 4) = 4
[pid 5167] close(3) = 0
[pid 5167] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5167] memfd_create("syzkaller", 0) = 3
[pid 5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5167] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5167] munmap(0x7fe0539f9000, 262144) = 0
[pid 5167] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5167] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5167] close(3) = 0
[pid 5167] mkdir("./file0", 0777) = 0
[pid 5167] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5167] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5167] chdir("./file0") = 0
[pid 5167] ioctl(4, LOOP_CLR_FD) = 0
[pid 5167] close(4) = 0
[pid 5167] exit_group(0) = ?
[pid 5167] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./45/binderfs") = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./45/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./45") = 0
mkdir("./46", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5169
./strace-static-x86_64: Process 5169 attached
[ 58.581948][ T5167] loop0: detected capacity change from 0 to 512
[ 58.594081][ T5167] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.604485][ T5167] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5169] chdir("./46") = 0
[pid 5169] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5169] setpgid(0, 0) = 0
[pid 5169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5169] write(3, "1000", 4) = 4
[pid 5169] close(3) = 0
[pid 5169] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5169] memfd_create("syzkaller", 0) = 3
[pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5169] munmap(0x7fe0539f9000, 262144) = 0
[pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5169] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5169] close(3) = 0
[pid 5169] mkdir("./file0", 0777) = 0
[pid 5169] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5169] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5169] chdir("./file0") = 0
[pid 5169] ioctl(4, LOOP_CLR_FD) = 0
[pid 5169] close(4) = 0
[pid 5169] exit_group(0) = ?
[pid 5169] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5169, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./46/binderfs") = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./46/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./46") = 0
mkdir("./47", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5171
./strace-static-x86_64: Process 5171 attached
[pid 5171] chdir("./47") = 0
[pid 5171] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5171] setpgid(0, 0) = 0
[pid 5171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5171] write(3, "1000", 4) = 4
[pid 5171] close(3) = 0
[pid 5171] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5171] memfd_create("syzkaller", 0) = 3
[pid 5171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 58.693014][ T5169] loop0: detected capacity change from 0 to 512
[ 58.704584][ T5169] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.714365][ T5169] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5171] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5171] munmap(0x7fe0539f9000, 262144) = 0
[pid 5171] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5171] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5171] close(3) = 0
[pid 5171] mkdir("./file0", 0777) = 0
[pid 5171] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5171] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5171] chdir("./file0") = 0
[pid 5171] ioctl(4, LOOP_CLR_FD) = 0
[pid 5171] close(4) = 0
[pid 5171] exit_group(0) = ?
[pid 5171] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5171, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./47/binderfs") = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./47/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./47") = 0
mkdir("./48", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5173
./strace-static-x86_64: Process 5173 attached
[ 58.783107][ T5171] loop0: detected capacity change from 0 to 512
[ 58.785300][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 58.802813][ T5171] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.813577][ T5171] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5173] chdir("./48") = 0
[pid 5173] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5173] setpgid(0, 0) = 0
[pid 5173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5173] write(3, "1000", 4) = 4
[pid 5173] close(3) = 0
[pid 5173] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5173] memfd_create("syzkaller", 0) = 3
[pid 5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5173] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5173] munmap(0x7fe0539f9000, 262144) = 0
[pid 5173] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5173] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5173] close(3) = 0
[pid 5173] mkdir("./file0", 0777) = 0
[pid 5173] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5173] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5173] chdir("./file0") = 0
[pid 5173] ioctl(4, LOOP_CLR_FD) = 0
[pid 5173] close(4) = 0
[pid 5173] exit_group(0) = ?
[pid 5173] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5173, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./48/binderfs") = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./48/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./48") = 0
mkdir("./49", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5175
./strace-static-x86_64: Process 5175 attached
[pid 5175] chdir("./49") = 0
[pid 5175] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5175] setpgid(0, 0) = 0
[pid 5175] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5175] write(3, "1000", 4) = 4
[pid 5175] close(3) = 0
[pid 5175] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5175] memfd_create("syzkaller", 0) = 3
[pid 5175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5175] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5175] munmap(0x7fe0539f9000, 262144) = 0
[pid 5175] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 58.883968][ T5173] loop0: detected capacity change from 0 to 512
[ 58.896155][ T5173] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.906230][ T5173] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5175] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5175] close(3) = 0
[pid 5175] mkdir("./file0", 0777) = 0
[pid 5175] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5175] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5175] chdir("./file0") = 0
[pid 5175] ioctl(4, LOOP_CLR_FD) = 0
[pid 5175] close(4) = 0
[pid 5175] exit_group(0) = ?
[pid 5175] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5175, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./49/binderfs") = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./49/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./49") = 0
mkdir("./50", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 58.965183][ T5175] loop0: detected capacity change from 0 to 512
[ 58.977984][ T5175] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.988921][ T5175] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5177
./strace-static-x86_64: Process 5177 attached
[pid 5177] chdir("./50") = 0
[pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5177] setpgid(0, 0) = 0
[pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5177] write(3, "1000", 4) = 4
[pid 5177] close(3) = 0
[pid 5177] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5177] memfd_create("syzkaller", 0) = 3
[pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5177] munmap(0x7fe0539f9000, 262144) = 0
[pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5177] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5177] close(3) = 0
[pid 5177] mkdir("./file0", 0777) = 0
[pid 5177] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5177] chdir("./file0") = 0
[pid 5177] ioctl(4, LOOP_CLR_FD) = 0
[pid 5177] close(4) = 0
[pid 5177] exit_group(0) = ?
[pid 5177] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5177, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./50/binderfs") = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
[ 59.055745][ T5177] loop0: detected capacity change from 0 to 512
[ 59.068183][ T5177] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.079205][ T5177] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./50/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./50") = 0
mkdir("./51", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5179
./strace-static-x86_64: Process 5179 attached
[pid 5179] chdir("./51") = 0
[pid 5179] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5179] setpgid(0, 0) = 0
[pid 5179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5179] write(3, "1000", 4) = 4
[pid 5179] close(3) = 0
[pid 5179] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5179] memfd_create("syzkaller", 0) = 3
[pid 5179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5179] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5179] munmap(0x7fe0539f9000, 262144) = 0
[pid 5179] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5179] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5179] close(3) = 0
[pid 5179] mkdir("./file0", 0777) = 0
[pid 5179] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5179] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5179] chdir("./file0") = 0
[pid 5179] ioctl(4, LOOP_CLR_FD) = 0
[pid 5179] close(4) = 0
[pid 5179] exit_group(0) = ?
[pid 5179] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5179, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./51/binderfs") = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./51/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./51") = 0
mkdir("./52", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5181
./strace-static-x86_64: Process 5181 attached
[pid 5181] chdir("./52") = 0
[pid 5181] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5181] setpgid(0, 0) = 0
[pid 5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5181] write(3, "1000", 4) = 4
[pid 5181] close(3) = 0
[pid 5181] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5181] memfd_create("syzkaller", 0) = 3
[pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 59.164636][ T5179] loop0: detected capacity change from 0 to 512
[ 59.176272][ T5179] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.185785][ T5179] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5181] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5181] munmap(0x7fe0539f9000, 262144) = 0
[pid 5181] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5181] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5181] close(3) = 0
[pid 5181] mkdir("./file0", 0777) = 0
[pid 5181] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5181] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5181] chdir("./file0") = 0
[pid 5181] ioctl(4, LOOP_CLR_FD) = 0
[pid 5181] close(4) = 0
[pid 5181] exit_group(0) = ?
[pid 5181] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5181, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./52/binderfs") = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./52/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./52") = 0
mkdir("./53", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5183
./strace-static-x86_64: Process 5183 attached
[pid 5183] chdir("./53") = 0
[pid 5183] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5183] setpgid(0, 0) = 0
[pid 5183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5183] write(3, "1000", 4) = 4
[pid 5183] close(3) = 0
[pid 5183] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5183] memfd_create("syzkaller", 0) = 3
[pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5183] munmap(0x7fe0539f9000, 262144) = 0
[pid 5183] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 59.250618][ T5181] loop0: detected capacity change from 0 to 512
[ 59.262592][ T5181] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.272820][ T5181] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5183] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5183] close(3) = 0
[pid 5183] mkdir("./file0", 0777) = 0
[pid 5183] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5183] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5183] chdir("./file0") = 0
[pid 5183] ioctl(4, LOOP_CLR_FD) = 0
[pid 5183] close(4) = 0
[pid 5183] exit_group(0) = ?
[pid 5183] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5183, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./53/binderfs") = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./53/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./53") = 0
mkdir("./54", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5185 attached
, child_tidptr=0x5555564115d0) = 5185
[pid 5185] chdir("./54") = 0
[pid 5185] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5185] setpgid(0, 0) = 0
[pid 5185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5185] write(3, "1000", 4) = 4
[pid 5185] close(3) = 0
[pid 5185] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5185] memfd_create("syzkaller", 0) = 3
[pid 5185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 59.331845][ T5183] loop0: detected capacity change from 0 to 512
[ 59.344835][ T5183] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.354685][ T5183] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5185] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5185] munmap(0x7fe0539f9000, 262144) = 0
[pid 5185] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5185] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5185] close(3) = 0
[pid 5185] mkdir("./file0", 0777) = 0
[pid 5185] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5185] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5185] chdir("./file0") = 0
[pid 5185] ioctl(4, LOOP_CLR_FD) = 0
[pid 5185] close(4) = 0
[pid 5185] exit_group(0) = ?
[pid 5185] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5185, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./54/binderfs") = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./54/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./54") = 0
mkdir("./55", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5187
./strace-static-x86_64: Process 5187 attached
[pid 5187] chdir("./55") = 0
[pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[ 59.420913][ T5185] loop0: detected capacity change from 0 to 512
[ 59.433143][ T5185] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.443508][ T5185] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5187] setpgid(0, 0) = 0
[pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5187] write(3, "1000", 4) = 4
[pid 5187] close(3) = 0
[pid 5187] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5187] memfd_create("syzkaller", 0) = 3
[pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5187] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5187] munmap(0x7fe0539f9000, 262144) = 0
[pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5187] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5187] close(3) = 0
[pid 5187] mkdir("./file0", 0777) = 0
[pid 5187] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5187] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5187] chdir("./file0") = 0
[pid 5187] ioctl(4, LOOP_CLR_FD) = 0
[pid 5187] close(4) = 0
[pid 5187] exit_group(0) = ?
[pid 5187] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./55/binderfs") = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./55/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./55") = 0
mkdir("./56", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5189
./strace-static-x86_64: Process 5189 attached
[pid 5189] chdir("./56") = 0
[pid 5189] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5189] setpgid(0, 0) = 0
[pid 5189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5189] write(3, "1000", 4) = 4
[pid 5189] close(3) = 0
[pid 5189] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5189] memfd_create("syzkaller", 0) = 3
[pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 59.514886][ T5187] loop0: detected capacity change from 0 to 512
[ 59.527580][ T5187] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.537563][ T5187] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5189] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5189] munmap(0x7fe0539f9000, 262144) = 0
[pid 5189] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5189] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5189] close(3) = 0
[pid 5189] mkdir("./file0", 0777) = 0
[pid 5189] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5189] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5189] chdir("./file0") = 0
[pid 5189] ioctl(4, LOOP_CLR_FD) = 0
[pid 5189] close(4) = 0
[pid 5189] exit_group(0) = ?
[pid 5189] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5189, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./56/binderfs") = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./56/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./56") = 0
mkdir("./57", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5191
./strace-static-x86_64: Process 5191 attached
[pid 5191] chdir("./57") = 0
[pid 5191] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5191] setpgid(0, 0) = 0
[pid 5191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5191] write(3, "1000", 4) = 4
[pid 5191] close(3) = 0
[pid 5191] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5191] memfd_create("syzkaller", 0) = 3
[pid 5191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5191] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5191] munmap(0x7fe0539f9000, 262144) = 0
[pid 5191] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 59.603521][ T5189] loop0: detected capacity change from 0 to 512
[ 59.614935][ T5189] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.625468][ T5189] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5191] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5191] close(3) = 0
[pid 5191] mkdir("./file0", 0777) = 0
[pid 5191] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5191] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5191] chdir("./file0") = 0
[pid 5191] ioctl(4, LOOP_CLR_FD) = 0
[pid 5191] close(4) = 0
[pid 5191] exit_group(0) = ?
[pid 5191] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5191, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./57/binderfs") = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./57/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./57") = 0
mkdir("./58", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 59.682649][ T5191] loop0: detected capacity change from 0 to 512
[ 59.694860][ T5191] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.704553][ T5191] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5193 attached
, child_tidptr=0x5555564115d0) = 5193
[pid 5193] chdir("./58") = 0
[pid 5193] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5193] setpgid(0, 0) = 0
[pid 5193] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5193] write(3, "1000", 4) = 4
[pid 5193] close(3) = 0
[pid 5193] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5193] memfd_create("syzkaller", 0) = 3
[pid 5193] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5193] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5193] munmap(0x7fe0539f9000, 262144) = 0
[pid 5193] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5193] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5193] close(3) = 0
[pid 5193] mkdir("./file0", 0777) = 0
[pid 5193] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5193] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5193] chdir("./file0") = 0
[pid 5193] ioctl(4, LOOP_CLR_FD) = 0
[pid 5193] close(4) = 0
[pid 5193] exit_group(0) = ?
[pid 5193] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5193, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./58/binderfs") = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
[ 59.785603][ T5193] loop0: detected capacity change from 0 to 512
[ 59.798653][ T5193] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.808618][ T5193] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./58/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./58") = 0
mkdir("./59", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5195
./strace-static-x86_64: Process 5195 attached
[pid 5195] chdir("./59") = 0
[pid 5195] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5195] setpgid(0, 0) = 0
[pid 5195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5195] write(3, "1000", 4) = 4
[pid 5195] close(3) = 0
[pid 5195] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5195] memfd_create("syzkaller", 0) = 3
[pid 5195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5195] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5195] munmap(0x7fe0539f9000, 262144) = 0
[pid 5195] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5195] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5195] close(3) = 0
[pid 5195] mkdir("./file0", 0777) = 0
[ 59.903273][ T5195] loop0: detected capacity change from 0 to 512
[ 59.914078][ T5195] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.923529][ T5195]
[ 59.925941][ T5195] ======================================================
[ 59.933038][ T5195] WARNING: possible circular locking dependency detected
[ 59.940060][ T5195] 6.1.0-syzkaller-13822-g6feb57c2fd7c #0 Not tainted
[ 59.946723][ T5195] ------------------------------------------------------
[ 59.953722][ T5195] syz-executor380/5195 is trying to acquire lock:
[ 59.960139][ T5195] ffff888076905068 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x51/0x570
[ 59.969022][ T5195]
[ 59.969022][ T5195] but task is already holding lock:
[ 59.976377][ T5195] ffff8880769ddcd0 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0xf85/0x15d0
[ 59.985681][ T5195]
[ 59.985681][ T5195] which lock already depends on the new lock.
[ 59.985681][ T5195]
[ 59.996077][ T5195]
[ 59.996077][ T5195] the existing dependency chain (in reverse order) is:
[ 60.005102][ T5195]
[ 60.005102][ T5195] -> #2 (&ei->i_data_sem/2){++++}-{3:3}:
[ 60.012911][ T5195] down_read+0x9c/0x450
[ 60.017583][ T5195] ext4_map_blocks+0x267/0x18d0
[ 60.022967][ T5195] ext4_getblk+0x5f6/0x7a0
[ 60.028012][ T5195] ext4_bread+0x2e/0x190
[ 60.032777][ T5195] ext4_quota_write+0x218/0x620
[ 60.038187][ T5195] write_blk+0x12e/0x220
[ 60.042947][ T5195] get_free_dqblk+0x104/0x2f0
[ 60.048323][ T5195] do_insert_tree+0x3c5/0x12d0
[ 60.053610][ T5195] do_insert_tree+0x696/0x12d0
[ 60.058895][ T5195] do_insert_tree+0x696/0x12d0
[ 60.064174][ T5195] do_insert_tree+0x696/0x12d0
[ 60.069461][ T5195] qtree_write_dquot+0x3b4/0x570
[ 60.074923][ T5195] v2_write_dquot+0x120/0x250
[ 60.080295][ T5195] dquot_acquire+0x3d1/0x6c0
[ 60.085405][ T5195] ext4_acquire_dquot+0x2b1/0x3d0
[ 60.091033][ T5195] dqget+0x67d/0x1080
[ 60.095549][ T5195] __dquot_initialize+0x560/0xbe0
[ 60.101180][ T5195] ext4_process_orphan+0x47/0x410
[ 60.106717][ T5195] ext4_orphan_cleanup+0x6fb/0x10f0
[ 60.112433][ T5195] ext4_fill_super+0x9f20/0xb220
[ 60.117912][ T5195] get_tree_bdev+0x444/0x760
[ 60.123026][ T5195] vfs_get_tree+0x8d/0x2f0
[ 60.127957][ T5195] path_mount+0x132a/0x1e20
[ 60.132977][ T5195] __x64_sys_mount+0x283/0x300
[ 60.138261][ T5195] do_syscall_64+0x39/0xb0
[ 60.143227][ T5195] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.149657][ T5195]
[ 60.149657][ T5195] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}:
[ 60.157729][ T5195] down_read+0x9c/0x450
[ 60.162414][ T5195] v2_read_dquot+0x4d/0x120
[ 60.167438][ T5195] dquot_acquire+0x1b3/0x6c0
[ 60.172547][ T5195] ext4_acquire_dquot+0x2b1/0x3d0
[ 60.178094][ T5195] dqget+0x67d/0x1080
[ 60.182594][ T5195] __dquot_initialize+0x560/0xbe0
[ 60.188141][ T5195] ext4_process_orphan+0x47/0x410
[ 60.193852][ T5195] ext4_orphan_cleanup+0x6fb/0x10f0
[ 60.199564][ T5195] ext4_fill_super+0x9f20/0xb220
[ 60.205193][ T5195] get_tree_bdev+0x444/0x760
[ 60.210304][ T5195] vfs_get_tree+0x8d/0x2f0
[ 60.215245][ T5195] path_mount+0x132a/0x1e20
[ 60.220276][ T5195] __x64_sys_mount+0x283/0x300
[ 60.225560][ T5195] do_syscall_64+0x39/0xb0
[ 60.231284][ T5195] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.237727][ T5195]
[ 60.237727][ T5195] -> #0 (&dquot->dq_lock){+.+.}-{3:3}:
[ 60.245365][ T5195] __lock_acquire+0x2a43/0x56d0
[ 60.250737][ T5195] lock_acquire+0x1e3/0x630
[ 60.255764][ T5195] __mutex_lock+0x12f/0x1360
[ 60.261047][ T5195] dquot_commit+0x51/0x570
[ 60.265979][ T5195] ext4_write_dquot+0x25f/0x330
[ 60.271347][ T5195] ext4_mark_dquot_dirty+0x115/0x1b0
[ 60.277166][ T5195] __dquot_free_space+0x773/0xaf0
[ 60.282731][ T5195] ext4_free_blocks+0x11ca/0x2300
[ 60.288267][ T5195] ext4_ext_remove_space+0x203c/0x46e0
[ 60.294249][ T5195] ext4_ext_truncate+0x34b/0x400
[ 60.299966][ T5195] ext4_truncate+0xfea/0x15d0
[ 60.305161][ T5195] ext4_process_orphan+0x158/0x410
[ 60.310787][ T5195] ext4_orphan_cleanup+0x6fb/0x10f0
[ 60.316495][ T5195] ext4_fill_super+0x9f20/0xb220
[ 60.321949][ T5195] get_tree_bdev+0x444/0x760
[ 60.327071][ T5195] vfs_get_tree+0x8d/0x2f0
[ 60.332005][ T5195] path_mount+0x132a/0x1e20
[ 60.337028][ T5195] __x64_sys_mount+0x283/0x300
[ 60.342316][ T5195] do_syscall_64+0x39/0xb0
[ 60.347258][ T5195] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.353685][ T5195]
[ 60.353685][ T5195] other info that might help us debug this:
[ 60.353685][ T5195]
[ 60.364248][ T5195] Chain exists of:
[ 60.364248][ T5195] &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2
[ 60.364248][ T5195]
[ 60.377912][ T5195] Possible unsafe locking scenario:
[ 60.377912][ T5195]
[ 60.385453][ T5195] CPU0 CPU1
[ 60.390804][ T5195] ---- ----
[ 60.396165][ T5195] lock(&ei->i_data_sem/2);
[ 60.400787][ T5195] lock(&s->s_dquot.dqio_sem);
[ 60.408145][ T5195] lock(&ei->i_data_sem/2);
[ 60.415270][ T5195] lock(&dquot->dq_lock);
[ 60.419678][ T5195]
[ 60.419678][ T5195] *** DEADLOCK ***
[ 60.419678][ T5195]
[ 60.427807][ T5195] 4 locks held by syz-executor380/5195:
[ 60.433358][ T5195] #0: ffff88807b8ca0e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x22e/0xb60
[ 60.443478][ T5195] #1: ffff8880769dde48 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_process_orphan+0x109/0x410
[ 60.454458][ T5195] #2: ffff8880769ddcd0 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0xf85/0x15d0
[ 60.464209][ T5195] #3: ffffffff8c975e68 (dquot_srcu){....}-{0:0}, at: __dquot_free_space+0x1a8/0xaf0
[ 60.473882][ T5195]
[ 60.473882][ T5195] stack backtrace:
[ 60.479751][ T5195] CPU: 0 PID: 5195 Comm: syz-executor380 Not tainted 6.1.0-syzkaller-13822-g6feb57c2fd7c #0
[ 60.489807][ T5195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 60.499942][ T5195] Call Trace:
[ 60.503213][ T5195]
[ 60.506136][ T5195] dump_stack_lvl+0xd1/0x138
[ 60.510724][ T5195] check_noncircular+0x25f/0x2e0
[ 60.515656][ T5195] ? print_circular_bug+0x1e0/0x1e0
[ 60.520843][ T5195] ? __lockdep_reset_lock+0x1a0/0x1a0
[ 60.526224][ T5195] __lock_acquire+0x2a43/0x56d0
[ 60.531242][ T5195] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.537217][ T5195] ? check_path.constprop.0+0x24/0x50
[ 60.542597][ T5195] lock_acquire+0x1e3/0x630
[ 60.547094][ T5195] ? dquot_commit+0x51/0x570
[ 60.551688][ T5195] ? lock_release+0x810/0x810
[ 60.556366][ T5195] __mutex_lock+0x12f/0x1360
[ 60.560960][ T5195] ? dquot_commit+0x51/0x570
[ 60.565547][ T5195] ? dquot_commit+0x51/0x570
[ 60.570141][ T5195] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.576135][ T5195] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 60.581702][ T5195] dquot_commit+0x51/0x570
[ 60.586392][ T5195] ? ext4_write_dquot+0x236/0x330
[ 60.591586][ T5195] ext4_write_dquot+0x25f/0x330
[ 60.596431][ T5195] ext4_mark_dquot_dirty+0x115/0x1b0
[ 60.601798][ T5195] __dquot_free_space+0x773/0xaf0
[ 60.607346][ T5195] ? dquot_reclaim_space_nodirty+0x6a0/0x6a0
[ 60.613323][ T5195] ? ext4_free_blocks+0x16d2/0x2300
[ 60.618511][ T5195] ? lock_downgrade+0x6e0/0x6e0
[ 60.623360][ T5195] ext4_free_blocks+0x11ca/0x2300
[ 60.628382][ T5195] ? ext4_mb_new_blocks+0x50f0/0x50f0
[ 60.633758][ T5195] ext4_ext_remove_space+0x203c/0x46e0
[ 60.639241][ T5195] ? ext4_ext_index_trans_blocks+0x160/0x160
[ 60.645766][ T5195] ? ext4_es_remove_extent+0x10a/0x510
[ 60.651225][ T5195] ? ext4_es_lookup_extent+0xe00/0xe00
[ 60.656694][ T5195] ? down_write+0x157/0x220
[ 60.661207][ T5195] ext4_ext_truncate+0x34b/0x400
[ 60.666156][ T5195] ext4_truncate+0xfea/0x15d0
[ 60.670834][ T5195] ? ext4_punch_hole+0x1260/0x1260
[ 60.675958][ T5195] ? down_write_killable+0x250/0x250
[ 60.681245][ T5195] ? __brelse+0x88/0xa0
[ 60.685406][ T5195] ext4_process_orphan+0x158/0x410
[ 60.690510][ T5195] ext4_orphan_cleanup+0x6fb/0x10f0
[ 60.695710][ T5195] ? ext4_process_orphan+0x410/0x410
[ 60.701167][ T5195] ext4_fill_super+0x9f20/0xb220
[ 60.706288][ T5195] ? ext4_reconfigure+0x2a50/0x2a50
[ 60.711571][ T5195] ? snprintf+0xbf/0x100
[ 60.715818][ T5195] ? vsprintf+0x30/0x30
[ 60.719972][ T5195] ? wait_for_completion_io_timeout+0x20/0x20
[ 60.726053][ T5195] get_tree_bdev+0x444/0x760
[ 60.730642][ T5195] ? ext4_reconfigure+0x2a50/0x2a50
[ 60.735842][ T5195] vfs_get_tree+0x8d/0x2f0
[ 60.740255][ T5195] path_mount+0x132a/0x1e20
[ 60.744845][ T5195] ? kmem_cache_free+0xee/0x5c0
[ 60.749867][ T5195] ? finish_automount+0x960/0x960
[ 60.754892][ T5195] ? putname+0x102/0x140
[ 60.759149][ T5195] __x64_sys_mount+0x283/0x300
[ 60.764143][ T5195] ? copy_mnt_ns+0xb30/0xb30
[ 60.769076][ T5195] ? lockdep_hardirqs_on+0x7d/0x100
[ 60.774457][ T5195] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.779752][ T5195] ? ptrace_notify+0xfe/0x140
[ 60.784441][ T5195] do_syscall_64+0x39/0xb0
[ 60.788946][ T5195] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.795280][ T5195] RIP: 0033:0x7fe05be47cfa
[ 60.799683][ T5195] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 60.819281][ T5195] RSP: 002b:00007ffd25f2ee58 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[ 60.827699][ T5195] RAX: ffffffffffffffda RBX: 00005555564112c0 RCX: 00007fe05be47cfa
[ 60.835677][ T5195] RDX: 0000000020000140 RSI: 0000000020000500 RDI: 00007ffd25f2eea0
[ 60.843637][ T5195] RBP: 0000000000000000 R08: 00007ffd25f2eee0 R09: 000000000000049f
[pid 5195] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5195] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5195] chdir("./file0") = 0
[pid 5195] ioctl(4, LOOP_CLR_FD) = 0
[pid 5195] close(4) = 0
[pid 5195] exit_group(0) = ?
[pid 5195] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5195, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./59/binderfs") = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./59/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./59") = 0
mkdir("./60", 0777) = 0
[ 60.851599][ T5195] R10: 0000000000000047 R11: 0000000000000202 R12: 0000000000000004
[ 60.859578][ T5195] R13: 00007ffd25f2eee0 R14: 0000000000000003 R15: 00007ffd25f2eea0
[ 60.867573][ T5195]
[ 60.871920][ T5195] EXT4-fs (loop0): 1 truncate cleaned up
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5197
./strace-static-x86_64: Process 5197 attached
[pid 5197] chdir("./60") = 0
[pid 5197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5197] setpgid(0, 0) = 0
[pid 5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5197] write(3, "1000", 4) = 4
[pid 5197] close(3) = 0
[pid 5197] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5197] memfd_create("syzkaller", 0) = 3
[pid 5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5197] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5197] munmap(0x7fe0539f9000, 262144) = 0
[pid 5197] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5197] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5197] close(3) = 0
[pid 5197] mkdir("./file0", 0777) = 0
[pid 5197] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5197] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5197] chdir("./file0") = 0
[pid 5197] ioctl(4, LOOP_CLR_FD) = 0
[pid 5197] close(4) = 0
[pid 5197] exit_group(0) = ?
[pid 5197] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5197, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
[ 60.933146][ T5197] loop0: detected capacity change from 0 to 512
[ 60.943645][ T5197] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.952412][ T5197] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./60/binderfs") = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./60/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./60") = 0
mkdir("./61", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5199
./strace-static-x86_64: Process 5199 attached
[pid 5199] chdir("./61") = 0
[pid 5199] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5199] setpgid(0, 0) = 0
[pid 5199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5199] write(3, "1000", 4) = 4
[pid 5199] close(3) = 0
[pid 5199] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5199] memfd_create("syzkaller", 0) = 3
[pid 5199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5199] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5199] munmap(0x7fe0539f9000, 262144) = 0
[pid 5199] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5199] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5199] close(3) = 0
[pid 5199] mkdir("./file0", 0777) = 0
[pid 5199] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5199] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5199] chdir("./file0") = 0
[pid 5199] ioctl(4, LOOP_CLR_FD) = 0
[pid 5199] close(4) = 0
[pid 5199] exit_group(0) = ?
[pid 5199] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5199, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./61/binderfs") = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./61/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./61") = 0
mkdir("./62", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5201
./strace-static-x86_64: Process 5201 attached
[pid 5201] chdir("./62") = 0
[pid 5201] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5201] setpgid(0, 0) = 0
[pid 5201] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5201] write(3, "1000", 4) = 4
[pid 5201] close(3) = 0
[pid 5201] symlink("/dev/binderfs", "./binderfs") = 0
[ 61.026526][ T5199] loop0: detected capacity change from 0 to 512
[ 61.037222][ T5199] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.045779][ T5199] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5201] memfd_create("syzkaller", 0) = 3
[pid 5201] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5201] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5201] munmap(0x7fe0539f9000, 262144) = 0
[pid 5201] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5201] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5201] close(3) = 0
[pid 5201] mkdir("./file0", 0777) = 0
[pid 5201] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5201] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5201] chdir("./file0") = 0
[pid 5201] ioctl(4, LOOP_CLR_FD) = 0
[pid 5201] close(4) = 0
[pid 5201] exit_group(0) = ?
[pid 5201] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5201, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./62/binderfs") = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./62/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./62") = 0
mkdir("./63", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5203
./strace-static-x86_64: Process 5203 attached
[pid 5203] chdir("./63") = 0
[pid 5203] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5203] setpgid(0, 0) = 0
[pid 5203] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5203] write(3, "1000", 4) = 4
[pid 5203] close(3) = 0
[pid 5203] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5203] memfd_create("syzkaller", 0) = 3
[pid 5203] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5203] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5203] munmap(0x7fe0539f9000, 262144) = 0
[pid 5203] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.093812][ T5201] loop0: detected capacity change from 0 to 512
[ 61.104893][ T5201] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.114847][ T5201] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5203] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5203] close(3) = 0
[pid 5203] mkdir("./file0", 0777) = 0
[pid 5203] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5203] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5203] chdir("./file0") = 0
[pid 5203] ioctl(4, LOOP_CLR_FD) = 0
[pid 5203] close(4) = 0
[pid 5203] exit_group(0) = ?
[pid 5203] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5203, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./63/binderfs") = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./63/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./63") = 0
mkdir("./64", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5205
./strace-static-x86_64: Process 5205 attached
[pid 5205] chdir("./64") = 0
[pid 5205] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5205] setpgid(0, 0) = 0
[pid 5205] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5205] write(3, "1000", 4) = 4
[pid 5205] close(3) = 0
[pid 5205] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5205] memfd_create("syzkaller", 0) = 3
[pid 5205] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5205] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5205] munmap(0x7fe0539f9000, 262144) = 0
[pid 5205] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.156291][ T5203] loop0: detected capacity change from 0 to 512
[ 61.157046][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 61.174828][ T5203] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.183371][ T5203] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5205] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5205] close(3) = 0
[pid 5205] mkdir("./file0", 0777) = 0
[pid 5205] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5205] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5205] chdir("./file0") = 0
[pid 5205] ioctl(4, LOOP_CLR_FD) = 0
[pid 5205] close(4) = 0
[pid 5205] exit_group(0) = ?
[pid 5205] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5205, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./64/binderfs") = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./64/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./64") = 0
mkdir("./65", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5207
./strace-static-x86_64: Process 5207 attached
[pid 5207] chdir("./65") = 0
[pid 5207] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5207] setpgid(0, 0) = 0
[pid 5207] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5207] write(3, "1000", 4) = 4
[pid 5207] close(3) = 0
[pid 5207] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5207] memfd_create("syzkaller", 0) = 3
[pid 5207] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 61.233726][ T5205] loop0: detected capacity change from 0 to 512
[ 61.243806][ T5205] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.252794][ T5205] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5207] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5207] munmap(0x7fe0539f9000, 262144) = 0
[pid 5207] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5207] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5207] close(3) = 0
[pid 5207] mkdir("./file0", 0777) = 0
[pid 5207] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5207] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5207] chdir("./file0") = 0
[pid 5207] ioctl(4, LOOP_CLR_FD) = 0
[pid 5207] close(4) = 0
[pid 5207] exit_group(0) = ?
[pid 5207] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5207, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./65/binderfs") = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./65/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./65") = 0
mkdir("./66", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5209
./strace-static-x86_64: Process 5209 attached
[pid 5209] chdir("./66") = 0
[pid 5209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5209] setpgid(0, 0) = 0
[pid 5209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5209] write(3, "1000", 4) = 4
[pid 5209] close(3) = 0
[pid 5209] symlink("/dev/binderfs", "./binderfs") = 0
[ 61.296614][ T5207] loop0: detected capacity change from 0 to 512
[ 61.306527][ T5207] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.315068][ T5207] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5209] memfd_create("syzkaller", 0) = 3
[pid 5209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5209] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5209] munmap(0x7fe0539f9000, 262144) = 0
[pid 5209] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5209] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5209] close(3) = 0
[pid 5209] mkdir("./file0", 0777) = 0
[pid 5209] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5209] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5209] chdir("./file0") = 0
[pid 5209] ioctl(4, LOOP_CLR_FD) = 0
[pid 5209] close(4) = 0
[pid 5209] exit_group(0) = ?
[pid 5209] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5209, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./66/binderfs") = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./66/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./66") = 0
mkdir("./67", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5211 attached
, child_tidptr=0x5555564115d0) = 5211
[pid 5211] chdir("./67") = 0
[pid 5211] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5211] setpgid(0, 0) = 0
[pid 5211] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5211] write(3, "1000", 4) = 4
[pid 5211] close(3) = 0
[pid 5211] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5211] memfd_create("syzkaller", 0) = 3
[pid 5211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5211] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5211] munmap(0x7fe0539f9000, 262144) = 0
[pid 5211] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.364403][ T5209] loop0: detected capacity change from 0 to 512
[ 61.375238][ T5209] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.384163][ T5209] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5211] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5211] close(3) = 0
[pid 5211] mkdir("./file0", 0777) = 0
[pid 5211] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5211] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5211] chdir("./file0") = 0
[pid 5211] ioctl(4, LOOP_CLR_FD) = 0
[pid 5211] close(4) = 0
[pid 5211] exit_group(0) = ?
[pid 5211] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5211, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./67/binderfs") = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./67/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./67") = 0
mkdir("./68", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5213
./strace-static-x86_64: Process 5213 attached
[pid 5213] chdir("./68") = 0
[pid 5213] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5213] setpgid(0, 0) = 0
[pid 5213] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5213] write(3, "1000", 4) = 4
[pid 5213] close(3) = 0
[pid 5213] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5213] memfd_create("syzkaller", 0) = 3
[pid 5213] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 61.426631][ T5211] loop0: detected capacity change from 0 to 512
[ 61.436514][ T5211] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.445268][ T5211] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5213] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5213] munmap(0x7fe0539f9000, 262144) = 0
[pid 5213] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5213] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5213] close(3) = 0
[pid 5213] mkdir("./file0", 0777) = 0
[pid 5213] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5213] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5213] chdir("./file0") = 0
[pid 5213] ioctl(4, LOOP_CLR_FD) = 0
[pid 5213] close(4) = 0
[pid 5213] exit_group(0) = ?
[pid 5213] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5213, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./68/binderfs") = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./68/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./68") = 0
mkdir("./69", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5215
./strace-static-x86_64: Process 5215 attached
[pid 5215] chdir("./69") = 0
[pid 5215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5215] setpgid(0, 0) = 0
[pid 5215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5215] write(3, "1000", 4) = 4
[pid 5215] close(3) = 0
[pid 5215] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5215] memfd_create("syzkaller", 0) = 3
[pid 5215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5215] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5215] munmap(0x7fe0539f9000, 262144) = 0
[pid 5215] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.491201][ T5213] loop0: detected capacity change from 0 to 512
[ 61.493188][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 61.509392][ T5213] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.519399][ T5213] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5215] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5215] close(3) = 0
[pid 5215] mkdir("./file0", 0777) = 0
[pid 5215] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5215] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5215] chdir("./file0") = 0
[pid 5215] ioctl(4, LOOP_CLR_FD) = 0
[pid 5215] close(4) = 0
[pid 5215] exit_group(0) = ?
[pid 5215] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5215, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 61.572435][ T5215] loop0: detected capacity change from 0 to 512
[ 61.582024][ T5215] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.590964][ T5215] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./69/binderfs") = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./69/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./69") = 0
mkdir("./70", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5217
./strace-static-x86_64: Process 5217 attached
[pid 5217] chdir("./70") = 0
[pid 5217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5217] setpgid(0, 0) = 0
[pid 5217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5217] write(3, "1000", 4) = 4
[pid 5217] close(3) = 0
[pid 5217] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5217] memfd_create("syzkaller", 0) = 3
[pid 5217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5217] munmap(0x7fe0539f9000, 262144) = 0
[pid 5217] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5217] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5217] close(3) = 0
[pid 5217] mkdir("./file0", 0777) = 0
[pid 5217] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5217] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5217] chdir("./file0") = 0
[pid 5217] ioctl(4, LOOP_CLR_FD) = 0
[pid 5217] close(4) = 0
[pid 5217] exit_group(0) = ?
[pid 5217] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5217, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./70/binderfs") = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./70/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./70") = 0
mkdir("./71", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 61.663532][ T5217] loop0: detected capacity change from 0 to 512
[ 61.674305][ T5217] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.683261][ T5217] EXT4-fs (loop0): 1 truncate cleaned up
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5219
./strace-static-x86_64: Process 5219 attached
[pid 5219] chdir("./71") = 0
[pid 5219] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5219] setpgid(0, 0) = 0
[pid 5219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5219] write(3, "1000", 4) = 4
[pid 5219] close(3) = 0
[pid 5219] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5219] memfd_create("syzkaller", 0) = 3
[pid 5219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5219] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5219] munmap(0x7fe0539f9000, 262144) = 0
[pid 5219] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5219] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5219] close(3) = 0
[pid 5219] mkdir("./file0", 0777) = 0
[pid 5219] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5219] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5219] chdir("./file0") = 0
[pid 5219] ioctl(4, LOOP_CLR_FD) = 0
[pid 5219] close(4) = 0
[pid 5219] exit_group(0) = ?
[pid 5219] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5219, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./71/binderfs") = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./71/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./71") = 0
mkdir("./72", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5221
./strace-static-x86_64: Process 5221 attached
[pid 5221] chdir("./72") = 0
[pid 5221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5221] setpgid(0, 0) = 0
[pid 5221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5221] write(3, "1000", 4) = 4
[pid 5221] close(3) = 0
[pid 5221] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5221] memfd_create("syzkaller", 0) = 3
[pid 5221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5221] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5221] munmap(0x7fe0539f9000, 262144) = 0
[pid 5221] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.753460][ T5219] loop0: detected capacity change from 0 to 512
[ 61.757097][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 61.771950][ T5219] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.780922][ T5219] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5221] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5221] close(3) = 0
[pid 5221] mkdir("./file0", 0777) = 0
[pid 5221] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5221] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5221] chdir("./file0") = 0
[pid 5221] ioctl(4, LOOP_CLR_FD) = 0
[pid 5221] close(4) = 0
[pid 5221] exit_group(0) = ?
[pid 5221] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5221, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./72/binderfs") = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[ 61.825077][ T5221] loop0: detected capacity change from 0 to 512
[ 61.835563][ T5221] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.844582][ T5221] EXT4-fs (loop0): 1 truncate cleaned up
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./72/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./72") = 0
mkdir("./73", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5223
./strace-static-x86_64: Process 5223 attached
[pid 5223] chdir("./73") = 0
[pid 5223] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5223] setpgid(0, 0) = 0
[pid 5223] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5223] write(3, "1000", 4) = 4
[pid 5223] close(3) = 0
[pid 5223] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5223] memfd_create("syzkaller", 0) = 3
[pid 5223] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5223] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5223] munmap(0x7fe0539f9000, 262144) = 0
[pid 5223] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5223] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5223] close(3) = 0
[pid 5223] mkdir("./file0", 0777) = 0
[pid 5223] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5223] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5223] chdir("./file0") = 0
[pid 5223] ioctl(4, LOOP_CLR_FD) = 0
[pid 5223] close(4) = 0
[pid 5223] exit_group(0) = ?
[pid 5223] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5223, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./73/binderfs") = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./73/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./73") = 0
mkdir("./74", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5225 attached
, child_tidptr=0x5555564115d0) = 5225
[pid 5225] chdir("./74") = 0
[pid 5225] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5225] setpgid(0, 0) = 0
[pid 5225] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5225] write(3, "1000", 4) = 4
[pid 5225] close(3) = 0
[ 61.904485][ T5223] loop0: detected capacity change from 0 to 512
[ 61.914838][ T5223] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.923622][ T5223] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5225] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5225] memfd_create("syzkaller", 0) = 3
[pid 5225] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5225] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5225] munmap(0x7fe0539f9000, 262144) = 0
[pid 5225] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5225] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5225] close(3) = 0
[pid 5225] mkdir("./file0", 0777) = 0
[pid 5225] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5225] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5225] chdir("./file0") = 0
[pid 5225] ioctl(4, LOOP_CLR_FD) = 0
[pid 5225] close(4) = 0
[pid 5225] exit_group(0) = ?
[pid 5225] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5225, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./74/binderfs") = 0
umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./74/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./74") = 0
mkdir("./75", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5227
./strace-static-x86_64: Process 5227 attached
[pid 5227] chdir("./75") = 0
[pid 5227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5227] setpgid(0, 0) = 0
[pid 5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5227] write(3, "1000", 4) = 4
[pid 5227] close(3) = 0
[pid 5227] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5227] memfd_create("syzkaller", 0) = 3
[pid 5227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5227] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5227] munmap(0x7fe0539f9000, 262144) = 0
[pid 5227] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.975471][ T5225] loop0: detected capacity change from 0 to 512
[ 61.985764][ T5225] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.995272][ T5225] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5227] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5227] close(3) = 0
[pid 5227] mkdir("./file0", 0777) = 0
[pid 5227] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5227] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5227] chdir("./file0") = 0
[pid 5227] ioctl(4, LOOP_CLR_FD) = 0
[pid 5227] close(4) = 0
[pid 5227] exit_group(0) = ?
[pid 5227] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5227, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./75/binderfs") = 0
umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./75/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./75") = 0
mkdir("./76", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5229
./strace-static-x86_64: Process 5229 attached
[pid 5229] chdir("./76") = 0
[pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5229] setpgid(0, 0) = 0
[pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5229] write(3, "1000", 4) = 4
[pid 5229] close(3) = 0
[pid 5229] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5229] memfd_create("syzkaller", 0) = 3
[pid 5229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5229] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5229] munmap(0x7fe0539f9000, 262144) = 0
[ 62.044772][ T5227] loop0: detected capacity change from 0 to 512
[ 62.055077][ T5227] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.063997][ T5227] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5229] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5229] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5229] close(3) = 0
[pid 5229] mkdir("./file0", 0777) = 0
[pid 5229] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5229] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5229] chdir("./file0") = 0
[pid 5229] ioctl(4, LOOP_CLR_FD) = 0
[pid 5229] close(4) = 0
[pid 5229] exit_group(0) = ?
[pid 5229] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5229, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./76/binderfs") = 0
umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./76/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./76") = 0
mkdir("./77", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5231
./strace-static-x86_64: Process 5231 attached
[pid 5231] chdir("./77") = 0
[pid 5231] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5231] setpgid(0, 0) = 0
[pid 5231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[ 62.107098][ T5229] loop0: detected capacity change from 0 to 512
[ 62.117506][ T5229] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.126713][ T5229] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5231] write(3, "1000", 4) = 4
[pid 5231] close(3) = 0
[pid 5231] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5231] memfd_create("syzkaller", 0) = 3
[pid 5231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5231] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5231] munmap(0x7fe0539f9000, 262144) = 0
[pid 5231] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5231] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5231] close(3) = 0
[pid 5231] mkdir("./file0", 0777) = 0
[pid 5231] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5231] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5231] chdir("./file0") = 0
[pid 5231] ioctl(4, LOOP_CLR_FD) = 0
[pid 5231] close(4) = 0
[pid 5231] exit_group(0) = ?
[pid 5231] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5231, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./77/binderfs") = 0
umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 62.183339][ T5231] loop0: detected capacity change from 0 to 512
[ 62.193276][ T5231] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.201850][ T5231] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./77/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./77") = 0
mkdir("./78", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5233
./strace-static-x86_64: Process 5233 attached
[pid 5233] chdir("./78") = 0
[pid 5233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5233] setpgid(0, 0) = 0
[pid 5233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5233] write(3, "1000", 4) = 4
[pid 5233] close(3) = 0
[pid 5233] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5233] memfd_create("syzkaller", 0) = 3
[pid 5233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5233] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5233] munmap(0x7fe0539f9000, 262144) = 0
[pid 5233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5233] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5233] close(3) = 0
[pid 5233] mkdir("./file0", 0777) = 0
[pid 5233] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5233] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5233] chdir("./file0") = 0
[pid 5233] ioctl(4, LOOP_CLR_FD) = 0
[pid 5233] close(4) = 0
[pid 5233] exit_group(0) = ?
[pid 5233] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5233, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 62.263689][ T5233] loop0: detected capacity change from 0 to 512
[ 62.273690][ T5233] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.282313][ T5233] EXT4-fs (loop0): 1 truncate cleaned up
unlink("./78/binderfs") = 0
umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./78/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./78/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./78") = 0
mkdir("./79", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5236
./strace-static-x86_64: Process 5236 attached
[pid 5236] chdir("./79") = 0
[pid 5236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5236] setpgid(0, 0) = 0
[pid 5236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5236] write(3, "1000", 4) = 4
[pid 5236] close(3) = 0
[pid 5236] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5236] memfd_create("syzkaller", 0) = 3
[pid 5236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5236] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5236] munmap(0x7fe0539f9000, 262144) = 0
[pid 5236] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5236] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5236] close(3) = 0
[pid 5236] mkdir("./file0", 0777) = 0
[pid 5236] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5236] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5236] chdir("./file0") = 0
[pid 5236] ioctl(4, LOOP_CLR_FD) = 0
[pid 5236] close(4) = 0
[pid 5236] exit_group(0) = ?
[pid 5236] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5236, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./79/binderfs") = 0
umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./79/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./79") = 0
mkdir("./80", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5238
./strace-static-x86_64: Process 5238 attached
[pid 5238] chdir("./80") = 0
[pid 5238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5238] setpgid(0, 0) = 0
[pid 5238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5238] write(3, "1000", 4) = 4
[pid 5238] close(3) = 0
[pid 5238] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5238] memfd_create("syzkaller", 0) = 3
[pid 5238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5238] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5238] munmap(0x7fe0539f9000, 262144) = 0
[pid 5238] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.346919][ T5236] loop0: detected capacity change from 0 to 512
[ 62.348253][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 62.365868][ T5236] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.374987][ T5236] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5238] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5238] close(3) = 0
[pid 5238] mkdir("./file0", 0777) = 0
[pid 5238] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5238] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5238] chdir("./file0") = 0
[pid 5238] ioctl(4, LOOP_CLR_FD) = 0
[pid 5238] close(4) = 0
[pid 5238] exit_group(0) = ?
[pid 5238] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5238, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./80/binderfs") = 0
umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./80/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./80") = 0
mkdir("./81", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5240
./strace-static-x86_64: Process 5240 attached
[pid 5240] chdir("./81") = 0
[pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5240] setpgid(0, 0) = 0
[pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5240] write(3, "1000", 4) = 4
[pid 5240] close(3) = 0
[pid 5240] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5240] memfd_create("syzkaller", 0) = 3
[pid 5240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5240] munmap(0x7fe0539f9000, 262144) = 0
[pid 5240] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.415577][ T5238] loop0: detected capacity change from 0 to 512
[ 62.425293][ T5238] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.434190][ T5238] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5240] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5240] close(3) = 0
[pid 5240] mkdir("./file0", 0777) = 0
[pid 5240] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5240] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5240] chdir("./file0") = 0
[pid 5240] ioctl(4, LOOP_CLR_FD) = 0
[pid 5240] close(4) = 0
[pid 5240] exit_group(0) = ?
[pid 5240] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5240, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./81/binderfs") = 0
umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./81/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./81") = 0
mkdir("./82", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5242 attached
, child_tidptr=0x5555564115d0) = 5242
[pid 5242] chdir("./82") = 0
[pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5242] setpgid(0, 0) = 0
[pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5242] write(3, "1000", 4) = 4
[pid 5242] close(3) = 0
[pid 5242] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5242] memfd_create("syzkaller", 0) = 3
[pid 5242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5242] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5242] munmap(0x7fe0539f9000, 262144) = 0
[pid 5242] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.472933][ T5240] loop0: detected capacity change from 0 to 512
[ 62.476683][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 62.491156][ T5240] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.500360][ T5240] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5242] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5242] close(3) = 0
[pid 5242] mkdir("./file0", 0777) = 0
[pid 5242] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5242] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5242] chdir("./file0") = 0
[pid 5242] ioctl(4, LOOP_CLR_FD) = 0
[pid 5242] close(4) = 0
[pid 5242] exit_group(0) = ?
[pid 5242] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5242, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./82/binderfs") = 0
umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./82/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./82") = 0
mkdir("./83", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5244
./strace-static-x86_64: Process 5244 attached
[pid 5244] chdir("./83") = 0
[pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5244] setpgid(0, 0) = 0
[pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5244] write(3, "1000", 4) = 4
[pid 5244] close(3) = 0
[pid 5244] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5244] memfd_create("syzkaller", 0) = 3
[pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5244] munmap(0x7fe0539f9000, 262144) = 0
[pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.546358][ T5242] loop0: detected capacity change from 0 to 512
[ 62.556698][ T5242] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.565406][ T5242] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5244] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5244] close(3) = 0
[pid 5244] mkdir("./file0", 0777) = 0
[pid 5244] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5244] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5244] chdir("./file0") = 0
[pid 5244] ioctl(4, LOOP_CLR_FD) = 0
[pid 5244] close(4) = 0
[pid 5244] exit_group(0) = ?
[pid 5244] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5244, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./83/binderfs") = 0
umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./83/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./83") = 0
mkdir("./84", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5246
./strace-static-x86_64: Process 5246 attached
[pid 5246] chdir("./84") = 0
[pid 5246] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5246] setpgid(0, 0) = 0
[pid 5246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5246] write(3, "1000", 4) = 4
[pid 5246] close(3) = 0
[pid 5246] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5246] memfd_create("syzkaller", 0) = 3
[pid 5246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 62.606459][ T5244] loop0: detected capacity change from 0 to 512
[ 62.616942][ T5244] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.625685][ T5244] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5246] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5246] munmap(0x7fe0539f9000, 262144) = 0
[pid 5246] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5246] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5246] close(3) = 0
[pid 5246] mkdir("./file0", 0777) = 0
[pid 5246] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5246] chdir("./file0") = 0
[pid 5246] ioctl(4, LOOP_CLR_FD) = 0
[pid 5246] close(4) = 0
[pid 5246] exit_group(0) = ?
[pid 5246] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5246, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./84/binderfs") = 0
[ 62.672939][ T5246] loop0: detected capacity change from 0 to 512
[ 62.682977][ T5246] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.692009][ T5246] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./84/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./84") = 0
mkdir("./85", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5248
./strace-static-x86_64: Process 5248 attached
[pid 5248] chdir("./85") = 0
[pid 5248] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5248] setpgid(0, 0) = 0
[pid 5248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5248] write(3, "1000", 4) = 4
[pid 5248] close(3) = 0
[pid 5248] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5248] memfd_create("syzkaller", 0) = 3
[pid 5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5248] munmap(0x7fe0539f9000, 262144) = 0
[pid 5248] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5248] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5248] close(3) = 0
[pid 5248] mkdir("./file0", 0777) = 0
[pid 5248] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5248] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5248] chdir("./file0") = 0
[pid 5248] ioctl(4, LOOP_CLR_FD) = 0
[pid 5248] close(4) = 0
[pid 5248] exit_group(0) = ?
[pid 5248] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5248, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./85/binderfs") = 0
umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./85/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./85") = 0
mkdir("./86", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5250
./strace-static-x86_64: Process 5250 attached
[pid 5250] chdir("./86") = 0
[pid 5250] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5250] setpgid(0, 0) = 0
[pid 5250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5250] write(3, "1000", 4) = 4
[ 62.754849][ T5248] loop0: detected capacity change from 0 to 512
[ 62.765138][ T5248] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.773764][ T5248] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5250] close(3) = 0
[pid 5250] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5250] memfd_create("syzkaller", 0) = 3
[pid 5250] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5250] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5250] munmap(0x7fe0539f9000, 262144) = 0
[pid 5250] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5250] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5250] close(3) = 0
[pid 5250] mkdir("./file0", 0777) = 0
[pid 5250] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5250] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5250] chdir("./file0") = 0
[pid 5250] ioctl(4, LOOP_CLR_FD) = 0
[pid 5250] close(4) = 0
[pid 5250] exit_group(0) = ?
[pid 5250] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5250, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./86/binderfs") = 0
umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./86/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./86") = 0
mkdir("./87", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5252
./strace-static-x86_64: Process 5252 attached
[pid 5252] chdir("./87") = 0
[pid 5252] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5252] setpgid(0, 0) = 0
[pid 5252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5252] write(3, "1000", 4) = 4
[pid 5252] close(3) = 0
[pid 5252] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5252] memfd_create("syzkaller", 0) = 3
[pid 5252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5252] munmap(0x7fe0539f9000, 262144) = 0
[pid 5252] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.824026][ T5250] loop0: detected capacity change from 0 to 512
[ 62.834667][ T5250] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.843924][ T5250] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5252] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5252] close(3) = 0
[pid 5252] mkdir("./file0", 0777) = 0
[pid 5252] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5252] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5252] chdir("./file0") = 0
[pid 5252] ioctl(4, LOOP_CLR_FD) = 0
[pid 5252] close(4) = 0
[pid 5252] exit_group(0) = ?
[pid 5252] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5252, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./87/binderfs") = 0
umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./87/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./87") = 0
mkdir("./88", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5254
./strace-static-x86_64: Process 5254 attached
[pid 5254] chdir("./88") = 0
[pid 5254] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5254] setpgid(0, 0) = 0
[pid 5254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5254] write(3, "1000", 4) = 4
[pid 5254] close(3) = 0
[pid 5254] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5254] memfd_create("syzkaller", 0) = 3
[pid 5254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5254] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 62.891792][ T5252] loop0: detected capacity change from 0 to 512
[ 62.901456][ T5252] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.910393][ T5252] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5254] munmap(0x7fe0539f9000, 262144) = 0
[pid 5254] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5254] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5254] close(3) = 0
[pid 5254] mkdir("./file0", 0777) = 0
[pid 5254] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5254] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5254] chdir("./file0") = 0
[pid 5254] ioctl(4, LOOP_CLR_FD) = 0
[pid 5254] close(4) = 0
[pid 5254] exit_group(0) = ?
[pid 5254] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5254, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./88/binderfs") = 0
umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./88/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./88") = 0
mkdir("./89", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5256
[ 62.954349][ T5254] loop0: detected capacity change from 0 to 512
[ 62.964873][ T5254] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.973989][ T5254] EXT4-fs (loop0): 1 truncate cleaned up
./strace-static-x86_64: Process 5256 attached
[pid 5256] chdir("./89") = 0
[pid 5256] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5256] setpgid(0, 0) = 0
[pid 5256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5256] write(3, "1000", 4) = 4
[pid 5256] close(3) = 0
[pid 5256] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5256] memfd_create("syzkaller", 0) = 3
[pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5256] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5256] munmap(0x7fe0539f9000, 262144) = 0
[pid 5256] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5256] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5256] close(3) = 0
[pid 5256] mkdir("./file0", 0777) = 0
[pid 5256] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5256] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5256] chdir("./file0") = 0
[pid 5256] ioctl(4, LOOP_CLR_FD) = 0
[pid 5256] close(4) = 0
[pid 5256] exit_group(0) = ?
[pid 5256] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5256, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./89/binderfs") = 0
umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./89/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./89") = 0
mkdir("./90", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5258 attached
, child_tidptr=0x5555564115d0) = 5258
[pid 5258] chdir("./90") = 0
[pid 5258] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5258] setpgid(0, 0) = 0
[pid 5258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5258] write(3, "1000", 4) = 4
[pid 5258] close(3) = 0
[pid 5258] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5258] memfd_create("syzkaller", 0) = 3
[pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5258] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5258] munmap(0x7fe0539f9000, 262144) = 0
[pid 5258] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.025635][ T5256] loop0: detected capacity change from 0 to 512
[ 63.035758][ T5256] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.044824][ T5256] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5258] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5258] close(3) = 0
[pid 5258] mkdir("./file0", 0777) = 0
[pid 5258] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5258] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5258] chdir("./file0") = 0
[pid 5258] ioctl(4, LOOP_CLR_FD) = 0
[pid 5258] close(4) = 0
[pid 5258] exit_group(0) = ?
[pid 5258] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5258, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./90/binderfs") = 0
umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./90/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./90") = 0
mkdir("./91", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5260
./strace-static-x86_64: Process 5260 attached
[pid 5260] chdir("./91") = 0
[pid 5260] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5260] setpgid(0, 0) = 0
[pid 5260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5260] write(3, "1000", 4) = 4
[pid 5260] close(3) = 0
[pid 5260] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5260] memfd_create("syzkaller", 0) = 3
[pid 5260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5260] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5260] munmap(0x7fe0539f9000, 262144) = 0
[pid 5260] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.086084][ T5258] loop0: detected capacity change from 0 to 512
[ 63.090890][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 63.104839][ T5258] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.114444][ T5258] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5260] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5260] close(3) = 0
[pid 5260] mkdir("./file0", 0777) = 0
[pid 5260] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5260] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5260] chdir("./file0") = 0
[pid 5260] ioctl(4, LOOP_CLR_FD) = 0
[pid 5260] close(4) = 0
[pid 5260] exit_group(0) = ?
[pid 5260] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5260, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./91/binderfs") = 0
umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./91/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./91") = 0
mkdir("./92", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5262
./strace-static-x86_64: Process 5262 attached
[pid 5262] chdir("./92") = 0
[pid 5262] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5262] setpgid(0, 0) = 0
[pid 5262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5262] write(3, "1000", 4) = 4
[pid 5262] close(3) = 0
[pid 5262] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5262] memfd_create("syzkaller", 0) = 3
[pid 5262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5262] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5262] munmap(0x7fe0539f9000, 262144) = 0
[pid 5262] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.155820][ T5260] loop0: detected capacity change from 0 to 512
[ 63.159242][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 63.175597][ T5260] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.184895][ T5260] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5262] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5262] close(3) = 0
[pid 5262] mkdir("./file0", 0777) = 0
[pid 5262] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5262] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5262] chdir("./file0") = 0
[pid 5262] ioctl(4, LOOP_CLR_FD) = 0
[pid 5262] close(4) = 0
[pid 5262] exit_group(0) = ?
[pid 5262] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5262, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./92/binderfs") = 0
umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./92/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./92") = 0
mkdir("./93", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5264
./strace-static-x86_64: Process 5264 attached
[pid 5264] chdir("./93") = 0
[pid 5264] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5264] setpgid(0, 0) = 0
[pid 5264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5264] write(3, "1000", 4) = 4
[pid 5264] close(3) = 0
[pid 5264] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5264] memfd_create("syzkaller", 0) = 3
[pid 5264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5264] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5264] munmap(0x7fe0539f9000, 262144) = 0
[pid 5264] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.229687][ T5262] loop0: detected capacity change from 0 to 512
[ 63.241673][ T5262] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.250606][ T5262] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5264] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5264] close(3) = 0
[pid 5264] mkdir("./file0", 0777) = 0
[pid 5264] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5264] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5264] chdir("./file0") = 0
[pid 5264] ioctl(4, LOOP_CLR_FD) = 0
[pid 5264] close(4) = 0
[pid 5264] exit_group(0) = ?
[pid 5264] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5264, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./93/binderfs") = 0
umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./93/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./93") = 0
mkdir("./94", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5266
./strace-static-x86_64: Process 5266 attached
[pid 5266] chdir("./94") = 0
[pid 5266] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5266] setpgid(0, 0) = 0
[pid 5266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5266] write(3, "1000", 4) = 4
[pid 5266] close(3) = 0
[pid 5266] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5266] memfd_create("syzkaller", 0) = 3
[pid 5266] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5266] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5266] munmap(0x7fe0539f9000, 262144) = 0
[pid 5266] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.311192][ T5264] loop0: detected capacity change from 0 to 512
[ 63.321984][ T5264] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.332389][ T5264] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5266] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5266] close(3) = 0
[pid 5266] mkdir("./file0", 0777) = 0
[pid 5266] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5266] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5266] chdir("./file0") = 0
[pid 5266] ioctl(4, LOOP_CLR_FD) = 0
[pid 5266] close(4) = 0
[pid 5266] exit_group(0) = ?
[pid 5266] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5266, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./94/binderfs") = 0
[ 63.372810][ T5266] loop0: detected capacity change from 0 to 512
[ 63.382687][ T5266] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.391743][ T5266] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./94/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./94") = 0
mkdir("./95", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5268
./strace-static-x86_64: Process 5268 attached
[pid 5268] chdir("./95") = 0
[pid 5268] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5268] setpgid(0, 0) = 0
[pid 5268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5268] write(3, "1000", 4) = 4
[pid 5268] close(3) = 0
[pid 5268] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5268] memfd_create("syzkaller", 0) = 3
[pid 5268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5268] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5268] munmap(0x7fe0539f9000, 262144) = 0
[pid 5268] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5268] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5268] close(3) = 0
[pid 5268] mkdir("./file0", 0777) = 0
[pid 5268] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5268] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5268] chdir("./file0") = 0
[pid 5268] ioctl(4, LOOP_CLR_FD) = 0
[pid 5268] close(4) = 0
[pid 5268] exit_group(0) = ?
[pid 5268] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5268, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./95/binderfs") = 0
umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./95/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./95") = 0
mkdir("./96", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5270 attached
, child_tidptr=0x5555564115d0) = 5270
[pid 5270] chdir("./96") = 0
[pid 5270] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5270] setpgid(0, 0) = 0
[pid 5270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5270] write(3, "1000", 4) = 4
[pid 5270] close(3) = 0
[pid 5270] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5270] memfd_create("syzkaller", 0) = 3
[ 63.464690][ T5268] loop0: detected capacity change from 0 to 512
[ 63.474863][ T5268] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.484295][ T5268] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5270] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5270] munmap(0x7fe0539f9000, 262144) = 0
[pid 5270] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5270] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5270] close(3) = 0
[pid 5270] mkdir("./file0", 0777) = 0
[pid 5270] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5270] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5270] chdir("./file0") = 0
[pid 5270] ioctl(4, LOOP_CLR_FD) = 0
[pid 5270] close(4) = 0
[pid 5270] exit_group(0) = ?
[pid 5270] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5270, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./96/binderfs") = 0
umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./96/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./96") = 0
mkdir("./97", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5272
./strace-static-x86_64: Process 5272 attached
[pid 5272] chdir("./97") = 0
[pid 5272] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5272] setpgid(0, 0) = 0
[pid 5272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5272] write(3, "1000", 4) = 4
[pid 5272] close(3) = 0
[pid 5272] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5272] memfd_create("syzkaller", 0) = 3
[ 63.532536][ T5270] loop0: detected capacity change from 0 to 512
[ 63.542561][ T5270] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.551175][ T5270] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5272] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5272] munmap(0x7fe0539f9000, 262144) = 0
[pid 5272] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5272] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5272] close(3) = 0
[pid 5272] mkdir("./file0", 0777) = 0
[pid 5272] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5272] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5272] chdir("./file0") = 0
[pid 5272] ioctl(4, LOOP_CLR_FD) = 0
[pid 5272] close(4) = 0
[pid 5272] exit_group(0) = ?
[pid 5272] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5272, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./97/binderfs") = 0
umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./97/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./97") = 0
mkdir("./98", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 63.598728][ T5272] loop0: detected capacity change from 0 to 512
[ 63.609853][ T5272] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.618757][ T5272] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5274 attached
, child_tidptr=0x5555564115d0) = 5274
[pid 5274] chdir("./98") = 0
[pid 5274] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5274] setpgid(0, 0) = 0
[pid 5274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5274] write(3, "1000", 4) = 4
[pid 5274] close(3) = 0
[pid 5274] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5274] memfd_create("syzkaller", 0) = 3
[pid 5274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5274] munmap(0x7fe0539f9000, 262144) = 0
[pid 5274] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5274] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5274] close(3) = 0
[pid 5274] mkdir("./file0", 0777) = 0
[pid 5274] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5274] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5274] chdir("./file0") = 0
[pid 5274] ioctl(4, LOOP_CLR_FD) = 0
[pid 5274] close(4) = 0
[pid 5274] exit_group(0) = ?
[pid 5274] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5274, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./98/binderfs") = 0
umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./98/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./98") = 0
mkdir("./99", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5276
./strace-static-x86_64: Process 5276 attached
[pid 5276] chdir("./99") = 0
[pid 5276] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5276] setpgid(0, 0) = 0
[pid 5276] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5276] write(3, "1000", 4) = 4
[pid 5276] close(3) = 0
[pid 5276] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5276] memfd_create("syzkaller", 0) = 3
[pid 5276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5276] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5276] munmap(0x7fe0539f9000, 262144) = 0
[pid 5276] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.692003][ T5274] loop0: detected capacity change from 0 to 512
[ 63.703258][ T5274] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.712008][ T5274] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5276] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5276] close(3) = 0
[pid 5276] mkdir("./file0", 0777) = 0
[pid 5276] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5276] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5276] chdir("./file0") = 0
[pid 5276] ioctl(4, LOOP_CLR_FD) = 0
[pid 5276] close(4) = 0
[pid 5276] exit_group(0) = ?
[pid 5276] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5276, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./99/binderfs") = 0
umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./99/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./99") = 0
mkdir("./100", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5278
./strace-static-x86_64: Process 5278 attached
[pid 5278] chdir("./100") = 0
[pid 5278] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5278] setpgid(0, 0) = 0
[pid 5278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5278] write(3, "1000", 4) = 4
[pid 5278] close(3) = 0
[pid 5278] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5278] memfd_create("syzkaller", 0) = 3
[pid 5278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5278] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5278] munmap(0x7fe0539f9000, 262144) = 0
[pid 5278] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.763919][ T5276] loop0: detected capacity change from 0 to 512
[ 63.774886][ T5276] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.783965][ T5276] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5278] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5278] close(3) = 0
[pid 5278] mkdir("./file0", 0777) = 0
[pid 5278] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5278] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5278] chdir("./file0") = 0
[pid 5278] ioctl(4, LOOP_CLR_FD) = 0
[pid 5278] close(4) = 0
[pid 5278] exit_group(0) = ?
[pid 5278] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5278, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./100/binderfs") = 0
umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./100/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./100") = 0
mkdir("./101", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5280
./strace-static-x86_64: Process 5280 attached
[pid 5280] chdir("./101") = 0
[ 63.833932][ T5278] loop0: detected capacity change from 0 to 512
[ 63.843842][ T5278] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.852971][ T5278] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5280] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5280] setpgid(0, 0) = 0
[pid 5280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5280] write(3, "1000", 4) = 4
[pid 5280] close(3) = 0
[pid 5280] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5280] memfd_create("syzkaller", 0) = 3
[pid 5280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5280] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5280] munmap(0x7fe0539f9000, 262144) = 0
[pid 5280] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5280] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5280] close(3) = 0
[pid 5280] mkdir("./file0", 0777) = 0
[pid 5280] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5280] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5280] chdir("./file0") = 0
[pid 5280] ioctl(4, LOOP_CLR_FD) = 0
[pid 5280] close(4) = 0
[pid 5280] exit_group(0) = ?
[pid 5280] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5280, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 63.908012][ T5280] loop0: detected capacity change from 0 to 512
[ 63.918455][ T5280] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.927390][ T5280] EXT4-fs (loop0): 1 truncate cleaned up
unlink("./101/binderfs") = 0
umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./101/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./101") = 0
mkdir("./102", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5282
./strace-static-x86_64: Process 5282 attached
[pid 5282] chdir("./102") = 0
[pid 5282] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5282] setpgid(0, 0) = 0
[pid 5282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5282] write(3, "1000", 4) = 4
[pid 5282] close(3) = 0
[pid 5282] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5282] memfd_create("syzkaller", 0) = 3
[pid 5282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5282] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5282] munmap(0x7fe0539f9000, 262144) = 0
[pid 5282] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5282] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5282] close(3) = 0
[pid 5282] mkdir("./file0", 0777) = 0
[pid 5282] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5282] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5282] chdir("./file0") = 0
[pid 5282] ioctl(4, LOOP_CLR_FD) = 0
[pid 5282] close(4) = 0
[pid 5282] exit_group(0) = ?
[pid 5282] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5282, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./102/binderfs") = 0
umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./102/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./102") = 0
mkdir("./103", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5284
./strace-static-x86_64: Process 5284 attached
[pid 5284] chdir("./103") = 0
[pid 5284] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5284] setpgid(0, 0) = 0
[pid 5284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5284] write(3, "1000", 4) = 4
[pid 5284] close(3) = 0
[pid 5284] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5284] memfd_create("syzkaller", 0) = 3
[pid 5284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5284] munmap(0x7fe0539f9000, 262144) = 0
[pid 5284] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.990240][ T5282] loop0: detected capacity change from 0 to 512
[ 64.001094][ T5282] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.010359][ T5282] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5284] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5284] close(3) = 0
[pid 5284] mkdir("./file0", 0777) = 0
[pid 5284] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5284] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5284] chdir("./file0") = 0
[pid 5284] ioctl(4, LOOP_CLR_FD) = 0
[pid 5284] close(4) = 0
[pid 5284] exit_group(0) = ?
[pid 5284] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5284, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./103/binderfs") = 0
umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./103/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./103") = 0
mkdir("./104", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5286
./strace-static-x86_64: Process 5286 attached
[pid 5286] chdir("./104") = 0
[pid 5286] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5286] setpgid(0, 0) = 0
[pid 5286] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5286] write(3, "1000", 4) = 4
[pid 5286] close(3) = 0
[pid 5286] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5286] memfd_create("syzkaller", 0) = 3
[pid 5286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5286] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5286] munmap(0x7fe0539f9000, 262144) = 0
[pid 5286] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.046850][ T5284] loop0: detected capacity change from 0 to 512
[ 64.051010][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 64.064716][ T5284] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.073592][ T5284] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5286] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5286] close(3) = 0
[pid 5286] mkdir("./file0", 0777) = 0
[pid 5286] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5286] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5286] chdir("./file0") = 0
[pid 5286] ioctl(4, LOOP_CLR_FD) = 0
[pid 5286] close(4) = 0
[pid 5286] exit_group(0) = ?
[pid 5286] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5286, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[ 64.119954][ T5286] loop0: detected capacity change from 0 to 512
[ 64.129532][ T5286] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.138637][ T5286] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./104/binderfs") = 0
umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./104/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./104") = 0
mkdir("./105", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5288
./strace-static-x86_64: Process 5288 attached
[pid 5288] chdir("./105") = 0
[pid 5288] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5288] setpgid(0, 0) = 0
[pid 5288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5288] write(3, "1000", 4) = 4
[pid 5288] close(3) = 0
[pid 5288] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5288] memfd_create("syzkaller", 0) = 3
[pid 5288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5288] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5288] munmap(0x7fe0539f9000, 262144) = 0
[pid 5288] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5288] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5288] close(3) = 0
[pid 5288] mkdir("./file0", 0777) = 0
[pid 5288] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5288] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5288] chdir("./file0") = 0
[pid 5288] ioctl(4, LOOP_CLR_FD) = 0
[pid 5288] close(4) = 0
[pid 5288] exit_group(0) = ?
[pid 5288] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5288, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[ 64.220968][ T5288] loop0: detected capacity change from 0 to 512
[ 64.231004][ T5288] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.239784][ T5288] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./105/binderfs") = 0
umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./105/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./105") = 0
mkdir("./106", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5290 attached
[pid 5290] chdir("./106"
[pid 5074] <... clone resumed>, child_tidptr=0x5555564115d0) = 5290
[pid 5290] <... chdir resumed>) = 0
[pid 5290] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5290] setpgid(0, 0) = 0
[pid 5290] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5290] write(3, "1000", 4) = 4
[pid 5290] close(3) = 0
[pid 5290] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5290] memfd_create("syzkaller", 0) = 3
[pid 5290] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5290] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5290] munmap(0x7fe0539f9000, 262144) = 0
[pid 5290] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5290] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5290] close(3) = 0
[pid 5290] mkdir("./file0", 0777) = 0
[pid 5290] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5290] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5290] chdir("./file0") = 0
[pid 5290] ioctl(4, LOOP_CLR_FD) = 0
[pid 5290] close(4) = 0
[pid 5290] exit_group(0) = ?
[pid 5290] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5290, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./106/binderfs") = 0
umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./106/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./106") = 0
mkdir("./107", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 64.318881][ T5290] loop0: detected capacity change from 0 to 512
[ 64.329877][ T5290] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.339085][ T5290] EXT4-fs (loop0): 1 truncate cleaned up
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5292
./strace-static-x86_64: Process 5292 attached
[pid 5292] chdir("./107") = 0
[pid 5292] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5292] setpgid(0, 0) = 0
[pid 5292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5292] write(3, "1000", 4) = 4
[pid 5292] close(3) = 0
[pid 5292] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5292] memfd_create("syzkaller", 0) = 3
[pid 5292] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5292] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5292] munmap(0x7fe0539f9000, 262144) = 0
[pid 5292] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5292] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5292] close(3) = 0
[pid 5292] mkdir("./file0", 0777) = 0
[pid 5292] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5292] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5292] chdir("./file0") = 0
[pid 5292] ioctl(4, LOOP_CLR_FD) = 0
[pid 5292] close(4) = 0
[pid 5292] exit_group(0) = ?
[pid 5292] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5292, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./107/binderfs") = 0
umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./107/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./107") = 0
mkdir("./108", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5294
./strace-static-x86_64: Process 5294 attached
[pid 5294] chdir("./108") = 0
[pid 5294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5294] setpgid(0, 0) = 0
[pid 5294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5294] write(3, "1000", 4) = 4
[pid 5294] close(3) = 0
[pid 5294] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5294] memfd_create("syzkaller", 0) = 3
[pid 5294] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5294] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5294] munmap(0x7fe0539f9000, 262144) = 0
[pid 5294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.405366][ T5292] loop0: detected capacity change from 0 to 512
[ 64.425046][ T5292] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.433560][ T5292] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5294] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5294] close(3) = 0
[pid 5294] mkdir("./file0", 0777) = 0
[pid 5294] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5294] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5294] chdir("./file0") = 0
[pid 5294] ioctl(4, LOOP_CLR_FD) = 0
[pid 5294] close(4) = 0
[pid 5294] exit_group(0) = ?
[pid 5294] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5294, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./108/binderfs") = 0
umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./108/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./108") = 0
mkdir("./109", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5296
./strace-static-x86_64: Process 5296 attached
[pid 5296] chdir("./109") = 0
[pid 5296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5296] setpgid(0, 0) = 0
[pid 5296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5296] write(3, "1000", 4) = 4
[pid 5296] close(3) = 0
[pid 5296] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5296] memfd_create("syzkaller", 0) = 3
[pid 5296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5296] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5296] munmap(0x7fe0539f9000, 262144) = 0
[pid 5296] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.479309][ T5294] loop0: detected capacity change from 0 to 512
[ 64.479886][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 64.498351][ T5294] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.506696][ T5294] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5296] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5296] close(3) = 0
[pid 5296] mkdir("./file0", 0777) = 0
[pid 5296] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5296] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5296] chdir("./file0") = 0
[pid 5296] ioctl(4, LOOP_CLR_FD) = 0
[pid 5296] close(4) = 0
[pid 5296] exit_group(0) = ?
[pid 5296] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5296, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./109/binderfs") = 0
umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./109/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./109") = 0
mkdir("./110", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5298
./strace-static-x86_64: Process 5298 attached
[pid 5298] chdir("./110") = 0
[pid 5298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5298] setpgid(0, 0) = 0
[pid 5298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5298] write(3, "1000", 4) = 4
[pid 5298] close(3) = 0
[pid 5298] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5298] memfd_create("syzkaller", 0) = 3
[pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5298] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5298] munmap(0x7fe0539f9000, 262144) = 0
[pid 5298] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.544163][ T5296] loop0: detected capacity change from 0 to 512
[ 64.546118][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 64.562146][ T5296] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.571441][ T5296] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5298] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5298] close(3) = 0
[pid 5298] mkdir("./file0", 0777) = 0
[pid 5298] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5298] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5298] chdir("./file0") = 0
[pid 5298] ioctl(4, LOOP_CLR_FD) = 0
[pid 5298] close(4) = 0
[pid 5298] exit_group(0) = ?
[pid 5298] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5298, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./110/binderfs") = 0
umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./110/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./110") = 0
mkdir("./111", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5300
[ 64.613425][ T5298] loop0: detected capacity change from 0 to 512
[ 64.617255][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 64.632129][ T5298] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.641054][ T5298] EXT4-fs (loop0): 1 truncate cleaned up
./strace-static-x86_64: Process 5300 attached
[pid 5300] chdir("./111") = 0
[pid 5300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5300] setpgid(0, 0) = 0
[pid 5300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5300] write(3, "1000", 4) = 4
[pid 5300] close(3) = 0
[pid 5300] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5300] memfd_create("syzkaller", 0) = 3
[pid 5300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5300] munmap(0x7fe0539f9000, 262144) = 0
[pid 5300] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5300] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5300] close(3) = 0
[pid 5300] mkdir("./file0", 0777) = 0
[pid 5300] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5300] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5300] chdir("./file0") = 0
[pid 5300] ioctl(4, LOOP_CLR_FD) = 0
[pid 5300] close(4) = 0
[pid 5300] exit_group(0) = ?
[pid 5300] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5300, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./111/binderfs") = 0
umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./111/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./111") = 0
mkdir("./112", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 64.707361][ T5300] loop0: detected capacity change from 0 to 512
[ 64.717627][ T5300] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.726379][ T5300] EXT4-fs (loop0): 1 truncate cleaned up
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5302
./strace-static-x86_64: Process 5302 attached
[pid 5302] chdir("./112") = 0
[pid 5302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5302] setpgid(0, 0) = 0
[pid 5302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5302] write(3, "1000", 4) = 4
[pid 5302] close(3) = 0
[pid 5302] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5302] memfd_create("syzkaller", 0) = 3
[pid 5302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5302] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5302] munmap(0x7fe0539f9000, 262144) = 0
[pid 5302] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5302] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5302] close(3) = 0
[pid 5302] mkdir("./file0", 0777) = 0
[pid 5302] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5302] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5302] chdir("./file0") = 0
[pid 5302] ioctl(4, LOOP_CLR_FD) = 0
[pid 5302] close(4) = 0
[pid 5302] exit_group(0) = ?
[pid 5302] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5302, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./112/binderfs") = 0
umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./112/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./112") = 0
mkdir("./113", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5304
./strace-static-x86_64: Process 5304 attached
[pid 5304] chdir("./113") = 0
[pid 5304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5304] setpgid(0, 0) = 0
[pid 5304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5304] write(3, "1000", 4) = 4
[pid 5304] close(3) = 0
[pid 5304] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5304] memfd_create("syzkaller", 0) = 3
[pid 5304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5304] munmap(0x7fe0539f9000, 262144) = 0
[pid 5304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.767037][ T5302] loop0: detected capacity change from 0 to 512
[ 64.769958][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 64.785388][ T5302] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.796756][ T5302] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5304] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5304] close(3) = 0
[pid 5304] mkdir("./file0", 0777) = 0
[pid 5304] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5304] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5304] chdir("./file0") = 0
[pid 5304] ioctl(4, LOOP_CLR_FD) = 0
[pid 5304] close(4) = 0
[pid 5304] exit_group(0) = ?
[pid 5304] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5304, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./113/binderfs") = 0
umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./113/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./113") = 0
mkdir("./114", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5306
./strace-static-x86_64: Process 5306 attached
[pid 5306] chdir("./114") = 0
[pid 5306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5306] setpgid(0, 0) = 0
[pid 5306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5306] write(3, "1000", 4) = 4
[pid 5306] close(3) = 0
[pid 5306] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5306] memfd_create("syzkaller", 0) = 3
[pid 5306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5306] munmap(0x7fe0539f9000, 262144) = 0
[pid 5306] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.845088][ T5304] loop0: detected capacity change from 0 to 512
[ 64.855511][ T5304] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.864625][ T5304] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5306] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5306] close(3) = 0
[pid 5306] mkdir("./file0", 0777) = 0
[pid 5306] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5306] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5306] chdir("./file0") = 0
[pid 5306] ioctl(4, LOOP_CLR_FD) = 0
[pid 5306] close(4) = 0
[pid 5306] exit_group(0) = ?
[pid 5306] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5306, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./114/binderfs") = 0
umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./114/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./114") = 0
mkdir("./115", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5308
./strace-static-x86_64: Process 5308 attached
[pid 5308] chdir("./115") = 0
[pid 5308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5308] setpgid(0, 0) = 0
[pid 5308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5308] write(3, "1000", 4) = 4
[pid 5308] close(3) = 0
[pid 5308] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5308] memfd_create("syzkaller", 0) = 3
[pid 5308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5308] munmap(0x7fe0539f9000, 262144) = 0
[pid 5308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.898286][ T5306] loop0: detected capacity change from 0 to 512
[ 64.908327][ T5306] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.917977][ T5306] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5308] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5308] close(3) = 0
[pid 5308] mkdir("./file0", 0777) = 0
[pid 5308] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5308] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5308] chdir("./file0") = 0
[pid 5308] ioctl(4, LOOP_CLR_FD) = 0
[pid 5308] close(4) = 0
[pid 5308] exit_group(0) = ?
[pid 5308] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5308, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./115/binderfs") = 0
umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./115/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./115") = 0
mkdir("./116", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5310
./strace-static-x86_64: Process 5310 attached
[pid 5310] chdir("./116") = 0
[pid 5310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5310] setpgid(0, 0) = 0
[pid 5310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5310] write(3, "1000", 4) = 4
[pid 5310] close(3) = 0
[pid 5310] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5310] memfd_create("syzkaller", 0) = 3
[pid 5310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5310] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5310] munmap(0x7fe0539f9000, 262144) = 0
[pid 5310] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.960912][ T5308] loop0: detected capacity change from 0 to 512
[ 64.971407][ T5308] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.981121][ T5308] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5310] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5310] close(3) = 0
[pid 5310] mkdir("./file0", 0777) = 0
[pid 5310] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5310] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5310] chdir("./file0") = 0
[pid 5310] ioctl(4, LOOP_CLR_FD) = 0
[pid 5310] close(4) = 0
[pid 5310] exit_group(0) = ?
[pid 5310] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5310, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 65.041687][ T5310] loop0: detected capacity change from 0 to 512
[ 65.050993][ T5310] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.060203][ T5310] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./116/binderfs") = 0
umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./116/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./116") = 0
mkdir("./117", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5312 attached
, child_tidptr=0x5555564115d0) = 5312
[pid 5312] chdir("./117") = 0
[pid 5312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5312] setpgid(0, 0) = 0
[pid 5312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5312] write(3, "1000", 4) = 4
[pid 5312] close(3) = 0
[pid 5312] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5312] memfd_create("syzkaller", 0) = 3
[pid 5312] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5312] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5312] munmap(0x7fe0539f9000, 262144) = 0
[pid 5312] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5312] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5312] close(3) = 0
[pid 5312] mkdir("./file0", 0777) = 0
[pid 5312] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5312] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5312] chdir("./file0") = 0
[pid 5312] ioctl(4, LOOP_CLR_FD) = 0
[pid 5312] close(4) = 0
[pid 5312] exit_group(0) = ?
[pid 5312] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5312, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./117/binderfs") = 0
umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./117/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./117") = 0
mkdir("./118", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5314
./strace-static-x86_64: Process 5314 attached
[pid 5314] chdir("./118") = 0
[pid 5314] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5314] setpgid(0, 0) = 0
[pid 5314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5314] write(3, "1000", 4) = 4
[pid 5314] close(3) = 0
[pid 5314] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5314] memfd_create("syzkaller", 0) = 3
[pid 5314] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 65.131926][ T5312] loop0: detected capacity change from 0 to 512
[ 65.141968][ T5312] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.150845][ T5312] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5314] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5314] munmap(0x7fe0539f9000, 262144) = 0
[pid 5314] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5314] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5314] close(3) = 0
[pid 5314] mkdir("./file0", 0777) = 0
[pid 5314] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5314] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5314] chdir("./file0") = 0
[pid 5314] ioctl(4, LOOP_CLR_FD) = 0
[pid 5314] close(4) = 0
[pid 5314] exit_group(0) = ?
[pid 5314] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5314, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./118/binderfs") = 0
umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./118/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./118") = 0
mkdir("./119", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5316
./strace-static-x86_64: Process 5316 attached
[pid 5316] chdir("./119") = 0
[pid 5316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5316] setpgid(0, 0) = 0
[pid 5316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5316] write(3, "1000", 4) = 4
[pid 5316] close(3) = 0
[pid 5316] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5316] memfd_create("syzkaller", 0) = 3
[pid 5316] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5316] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5316] munmap(0x7fe0539f9000, 262144) = 0
[pid 5316] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.195033][ T5314] loop0: detected capacity change from 0 to 512
[ 65.205102][ T5314] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.214155][ T5314] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5316] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5316] close(3) = 0
[pid 5316] mkdir("./file0", 0777) = 0
[pid 5316] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5316] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5316] chdir("./file0") = 0
[pid 5316] ioctl(4, LOOP_CLR_FD) = 0
[pid 5316] close(4) = 0
[pid 5316] exit_group(0) = ?
[pid 5316] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5316, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./119/binderfs") = 0
umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./119/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./119") = 0
mkdir("./120", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5318
./strace-static-x86_64: Process 5318 attached
[pid 5318] chdir("./120") = 0
[pid 5318] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5318] setpgid(0, 0) = 0
[pid 5318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5318] write(3, "1000", 4) = 4
[pid 5318] close(3) = 0
[pid 5318] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5318] memfd_create("syzkaller", 0) = 3
[pid 5318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 65.255793][ T5316] loop0: detected capacity change from 0 to 512
[ 65.266784][ T5316] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.275426][ T5316] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5318] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5318] munmap(0x7fe0539f9000, 262144) = 0
[pid 5318] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5318] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5318] close(3) = 0
[pid 5318] mkdir("./file0", 0777) = 0
[pid 5318] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5318] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5318] chdir("./file0") = 0
[pid 5318] ioctl(4, LOOP_CLR_FD) = 0
[pid 5318] close(4) = 0
[pid 5318] exit_group(0) = ?
[pid 5318] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5318, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./120/binderfs") = 0
umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./120/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./120") = 0
mkdir("./121", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5320
./strace-static-x86_64: Process 5320 attached
[pid 5320] chdir("./121") = 0
[pid 5320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5320] setpgid(0, 0) = 0
[pid 5320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5320] write(3, "1000", 4) = 4
[pid 5320] close(3) = 0
[pid 5320] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5320] memfd_create("syzkaller", 0) = 3
[pid 5320] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5320] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5320] munmap(0x7fe0539f9000, 262144) = 0
[pid 5320] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.320228][ T5318] loop0: detected capacity change from 0 to 512
[ 65.330218][ T5318] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.339724][ T5318] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5320] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5320] close(3) = 0
[pid 5320] mkdir("./file0", 0777) = 0
[pid 5320] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5320] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5320] chdir("./file0") = 0
[pid 5320] ioctl(4, LOOP_CLR_FD) = 0
[pid 5320] close(4) = 0
[pid 5320] exit_group(0) = ?
[pid 5320] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5320, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./121/binderfs") = 0
umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./121/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./121") = 0
mkdir("./122", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5322
./strace-static-x86_64: Process 5322 attached
[pid 5322] chdir("./122") = 0
[pid 5322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5322] setpgid(0, 0) = 0
[pid 5322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5322] write(3, "1000", 4) = 4
[pid 5322] close(3) = 0
[pid 5322] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5322] memfd_create("syzkaller", 0) = 3
[pid 5322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 65.377145][ T5320] loop0: detected capacity change from 0 to 512
[ 65.386760][ T5320] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.395530][ T5320] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5322] munmap(0x7fe0539f9000, 262144) = 0
[pid 5322] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5322] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5322] close(3) = 0
[pid 5322] mkdir("./file0", 0777) = 0
[pid 5322] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5322] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5322] chdir("./file0") = 0
[pid 5322] ioctl(4, LOOP_CLR_FD) = 0
[pid 5322] close(4) = 0
[pid 5322] exit_group(0) = ?
[pid 5322] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5322, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
[ 65.440816][ T5322] loop0: detected capacity change from 0 to 512
[ 65.451108][ T5322] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.459603][ T5322] EXT4-fs (loop0): 1 truncate cleaned up
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./122/binderfs") = 0
umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./122/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./122") = 0
mkdir("./123", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5324
./strace-static-x86_64: Process 5324 attached
[pid 5324] chdir("./123") = 0
[pid 5324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5324] setpgid(0, 0) = 0
[pid 5324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5324] write(3, "1000", 4) = 4
[pid 5324] close(3) = 0
[pid 5324] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5324] memfd_create("syzkaller", 0) = 3
[pid 5324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5324] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5324] munmap(0x7fe0539f9000, 262144) = 0
[pid 5324] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5324] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5324] close(3) = 0
[pid 5324] mkdir("./file0", 0777) = 0
[pid 5324] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5324] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5324] chdir("./file0") = 0
[pid 5324] ioctl(4, LOOP_CLR_FD) = 0
[ 65.540733][ T5324] loop0: detected capacity change from 0 to 512
[ 65.550404][ T5324] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.559608][ T5324] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5324] close(4) = 0
[pid 5324] exit_group(0) = ?
[pid 5324] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5324, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./123/binderfs") = 0
umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./123/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./123") = 0
mkdir("./124", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5326 attached
[pid 5326] chdir("./124") = 0
[pid 5326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5326] setpgid(0, 0) = 0
[pid 5326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5326] write(3, "1000", 4) = 4
[pid 5326] close(3) = 0
[pid 5326] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5326] memfd_create("syzkaller", 0) = 3
[pid 5326] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5074] <... clone resumed>, child_tidptr=0x5555564115d0) = 5326
[pid 5326] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5326] munmap(0x7fe0539f9000, 262144) = 0
[pid 5326] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5326] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5326] close(3) = 0
[pid 5326] mkdir("./file0", 0777) = 0
[pid 5326] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5326] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5326] chdir("./file0") = 0
[pid 5326] ioctl(4, LOOP_CLR_FD) = 0
[pid 5326] close(4) = 0
[pid 5326] exit_group(0) = ?
[pid 5326] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5326, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./124/binderfs") = 0
umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./124/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./124/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./124") = 0
mkdir("./125", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5328
./strace-static-x86_64: Process 5328 attached
[pid 5328] chdir("./125") = 0
[pid 5328] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5328] setpgid(0, 0) = 0
[pid 5328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5328] write(3, "1000", 4) = 4
[pid 5328] close(3) = 0
[pid 5328] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5328] memfd_create("syzkaller", 0) = 3
[pid 5328] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 65.647044][ T5326] loop0: detected capacity change from 0 to 512
[ 65.656844][ T5326] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.665664][ T5326] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5328] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5328] munmap(0x7fe0539f9000, 262144) = 0
[pid 5328] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5328] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5328] close(3) = 0
[pid 5328] mkdir("./file0", 0777) = 0
[pid 5328] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5328] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5328] chdir("./file0") = 0
[pid 5328] ioctl(4, LOOP_CLR_FD) = 0
[pid 5328] close(4) = 0
[pid 5328] exit_group(0) = ?
[pid 5328] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5328, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 65.711509][ T5328] loop0: detected capacity change from 0 to 512
[ 65.721533][ T5328] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.730085][ T5328] EXT4-fs (loop0): 1 truncate cleaned up
unlink("./125/binderfs") = 0
umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./125/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./125/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./125") = 0
mkdir("./126", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5330
./strace-static-x86_64: Process 5330 attached
[pid 5330] chdir("./126") = 0
[pid 5330] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5330] setpgid(0, 0) = 0
[pid 5330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5330] write(3, "1000", 4) = 4
[pid 5330] close(3) = 0
[pid 5330] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5330] memfd_create("syzkaller", 0) = 3
[pid 5330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5330] munmap(0x7fe0539f9000, 262144) = 0
[pid 5330] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5330] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5330] close(3) = 0
[pid 5330] mkdir("./file0", 0777) = 0
[pid 5330] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5330] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5330] chdir("./file0") = 0
[pid 5330] ioctl(4, LOOP_CLR_FD) = 0
[pid 5330] close(4) = 0
[pid 5330] exit_group(0) = ?
[pid 5330] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5330, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./126/binderfs") = 0
umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./126/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./126/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./126") = 0
mkdir("./127", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5332
./strace-static-x86_64: Process 5332 attached
[pid 5332] chdir("./127") = 0
[pid 5332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5332] setpgid(0, 0) = 0
[pid 5332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5332] write(3, "1000", 4) = 4
[pid 5332] close(3) = 0
[pid 5332] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5332] memfd_create("syzkaller", 0) = 3
[pid 5332] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 65.814676][ T5330] loop0: detected capacity change from 0 to 512
[ 65.825249][ T5330] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.833968][ T5330] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5332] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5332] munmap(0x7fe0539f9000, 262144) = 0
[pid 5332] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5332] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5332] close(3) = 0
[pid 5332] mkdir("./file0", 0777) = 0
[pid 5332] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5332] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5332] chdir("./file0") = 0
[pid 5332] ioctl(4, LOOP_CLR_FD) = 0
[pid 5332] close(4) = 0
[pid 5332] exit_group(0) = ?
[pid 5332] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5332, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./127/binderfs") = 0
umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./127/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./127") = 0
mkdir("./128", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5334
./strace-static-x86_64: Process 5334 attached
[pid 5334] chdir("./128") = 0
[pid 5334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5334] setpgid(0, 0) = 0
[pid 5334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5334] write(3, "1000", 4) = 4
[ 65.878176][ T5332] loop0: detected capacity change from 0 to 512
[ 65.888263][ T5332] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.897186][ T5332] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5334] close(3) = 0
[pid 5334] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5334] memfd_create("syzkaller", 0) = 3
[pid 5334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5334] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5334] munmap(0x7fe0539f9000, 262144) = 0
[pid 5334] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5334] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5334] close(3) = 0
[pid 5334] mkdir("./file0", 0777) = 0
[pid 5334] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5334] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5334] chdir("./file0") = 0
[pid 5334] ioctl(4, LOOP_CLR_FD) = 0
[pid 5334] close(4) = 0
[pid 5334] exit_group(0) = ?
[pid 5334] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5334, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./128/binderfs") = 0
umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./128/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./128") = 0
mkdir("./129", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5336
./strace-static-x86_64: Process 5336 attached
[ 65.947743][ T5334] loop0: detected capacity change from 0 to 512
[ 65.958350][ T5334] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.967401][ T5334] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5336] chdir("./129") = 0
[pid 5336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5336] setpgid(0, 0) = 0
[pid 5336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5336] write(3, "1000", 4) = 4
[pid 5336] close(3) = 0
[pid 5336] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5336] memfd_create("syzkaller", 0) = 3
[pid 5336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5336] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5336] munmap(0x7fe0539f9000, 262144) = 0
[pid 5336] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5336] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5336] close(3) = 0
[pid 5336] mkdir("./file0", 0777) = 0
[pid 5336] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5336] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5336] chdir("./file0") = 0
[pid 5336] ioctl(4, LOOP_CLR_FD) = 0
[pid 5336] close(4) = 0
[pid 5336] exit_group(0) = ?
[pid 5336] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5336, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./129/binderfs") = 0
umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./129/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./129") = 0
mkdir("./130", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5338
./strace-static-x86_64: Process 5338 attached
[pid 5338] chdir("./130") = 0
[pid 5338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5338] setpgid(0, 0) = 0
[pid 5338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5338] write(3, "1000", 4) = 4
[pid 5338] close(3) = 0
[pid 5338] symlink("/dev/binderfs", "./binderfs") = 0
[ 66.019969][ T5336] loop0: detected capacity change from 0 to 512
[ 66.030184][ T5336] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.039554][ T5336] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5338] memfd_create("syzkaller", 0) = 3
[pid 5338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5338] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5338] munmap(0x7fe0539f9000, 262144) = 0
[pid 5338] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5338] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5338] close(3) = 0
[pid 5338] mkdir("./file0", 0777) = 0
[pid 5338] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5338] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5338] chdir("./file0") = 0
[pid 5338] ioctl(4, LOOP_CLR_FD) = 0
[pid 5338] close(4) = 0
[pid 5338] exit_group(0) = ?
[pid 5338] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5338, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./130/binderfs") = 0
umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./130/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./130") = 0
mkdir("./131", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5340
./strace-static-x86_64: Process 5340 attached
[pid 5340] chdir("./131") = 0
[pid 5340] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5340] setpgid(0, 0) = 0
[pid 5340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5340] write(3, "1000", 4) = 4
[pid 5340] close(3) = 0
[pid 5340] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5340] memfd_create("syzkaller", 0) = 3
[pid 5340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5340] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5340] munmap(0x7fe0539f9000, 262144) = 0
[pid 5340] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.108500][ T5338] loop0: detected capacity change from 0 to 512
[ 66.119170][ T5338] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.128885][ T5338] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5340] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5340] close(3) = 0
[pid 5340] mkdir("./file0", 0777) = 0
[pid 5340] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5340] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5340] chdir("./file0") = 0
[pid 5340] ioctl(4, LOOP_CLR_FD) = 0
[pid 5340] close(4) = 0
[pid 5340] exit_group(0) = ?
[pid 5340] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5340, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./131/binderfs") = 0
umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./131/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./131/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./131") = 0
mkdir("./132", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 66.166739][ T5340] loop0: detected capacity change from 0 to 512
[ 66.176842][ T5340] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.185417][ T5340] EXT4-fs (loop0): 1 truncate cleaned up
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5342 attached
[pid 5342] chdir("./132") = 0
[pid 5342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5074] <... clone resumed>, child_tidptr=0x5555564115d0) = 5342
[pid 5342] setpgid(0, 0) = 0
[pid 5342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5342] write(3, "1000", 4) = 4
[pid 5342] close(3) = 0
[pid 5342] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5342] memfd_create("syzkaller", 0) = 3
[pid 5342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5342] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5342] munmap(0x7fe0539f9000, 262144) = 0
[pid 5342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5342] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5342] close(3) = 0
[pid 5342] mkdir("./file0", 0777) = 0
[pid 5342] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5342] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5342] chdir("./file0") = 0
[pid 5342] ioctl(4, LOOP_CLR_FD) = 0
[pid 5342] close(4) = 0
[pid 5342] exit_group(0) = ?
[ 66.238760][ T5342] loop0: detected capacity change from 0 to 512
[ 66.249189][ T5342] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.258034][ T5342] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5342] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5342, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./132/binderfs") = 0
umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./132/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./132/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./132") = 0
mkdir("./133", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5344
./strace-static-x86_64: Process 5344 attached
[pid 5344] chdir("./133") = 0
[pid 5344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5344] setpgid(0, 0) = 0
[pid 5344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5344] write(3, "1000", 4) = 4
[pid 5344] close(3) = 0
[pid 5344] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5344] memfd_create("syzkaller", 0) = 3
[pid 5344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5344] munmap(0x7fe0539f9000, 262144) = 0
[pid 5344] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5344] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5344] close(3) = 0
[pid 5344] mkdir("./file0", 0777) = 0
[pid 5344] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5344] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5344] chdir("./file0") = 0
[pid 5344] ioctl(4, LOOP_CLR_FD) = 0
[pid 5344] close(4) = 0
[pid 5344] exit_group(0) = ?
[pid 5344] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5344, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./133/binderfs") = 0
umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./133/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./133/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./133") = 0
mkdir("./134", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5346
./strace-static-x86_64: Process 5346 attached
[pid 5346] chdir("./134") = 0
[pid 5346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5346] setpgid(0, 0) = 0
[pid 5346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5346] write(3, "1000", 4) = 4
[pid 5346] close(3) = 0
[pid 5346] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5346] memfd_create("syzkaller", 0) = 3
[pid 5346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5346] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5346] munmap(0x7fe0539f9000, 262144) = 0
[pid 5346] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.339000][ T5344] loop0: detected capacity change from 0 to 512
[ 66.350282][ T5344] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.358848][ T5344] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5346] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5346] close(3) = 0
[pid 5346] mkdir("./file0", 0777) = 0
[pid 5346] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5346] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5346] chdir("./file0") = 0
[pid 5346] ioctl(4, LOOP_CLR_FD) = 0
[pid 5346] close(4) = 0
[pid 5346] exit_group(0) = ?
[pid 5346] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5346, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./134/binderfs") = 0
umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./134/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./134") = 0
mkdir("./135", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5348
./strace-static-x86_64: Process 5348 attached
[pid 5348] chdir("./135") = 0
[pid 5348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5348] setpgid(0, 0) = 0
[pid 5348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5348] write(3, "1000", 4) = 4
[pid 5348] close(3) = 0
[pid 5348] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5348] memfd_create("syzkaller", 0) = 3
[ 66.396365][ T5346] loop0: detected capacity change from 0 to 512
[ 66.406421][ T5346] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.415087][ T5346] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5348] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5348] munmap(0x7fe0539f9000, 262144) = 0
[pid 5348] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5348] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5348] close(3) = 0
[pid 5348] mkdir("./file0", 0777) = 0
[pid 5348] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5348] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5348] chdir("./file0") = 0
[pid 5348] ioctl(4, LOOP_CLR_FD) = 0
[ 66.462964][ T5348] loop0: detected capacity change from 0 to 512
[ 66.472803][ T5348] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.481661][ T5348] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5348] close(4) = 0
[pid 5348] exit_group(0) = ?
[pid 5348] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5348, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./135/binderfs") = 0
umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./135/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./135") = 0
mkdir("./136", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5350
./strace-static-x86_64: Process 5350 attached
[pid 5350] chdir("./136") = 0
[pid 5350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5350] setpgid(0, 0) = 0
[pid 5350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5350] write(3, "1000", 4) = 4
[pid 5350] close(3) = 0
[pid 5350] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5350] memfd_create("syzkaller", 0) = 3
[pid 5350] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5350] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5350] munmap(0x7fe0539f9000, 262144) = 0
[pid 5350] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5350] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5350] close(3) = 0
[pid 5350] mkdir("./file0", 0777) = 0
[pid 5350] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5350] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5350] chdir("./file0") = 0
[pid 5350] ioctl(4, LOOP_CLR_FD) = 0
[pid 5350] close(4) = 0
[pid 5350] exit_group(0) = ?
[pid 5350] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5350, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./136/binderfs") = 0
umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./136/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./136") = 0
mkdir("./137", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 66.559691][ T5350] loop0: detected capacity change from 0 to 512
[ 66.571628][ T5350] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.580555][ T5350] EXT4-fs (loop0): 1 truncate cleaned up
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5352
./strace-static-x86_64: Process 5352 attached
[pid 5352] chdir("./137") = 0
[pid 5352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5352] setpgid(0, 0) = 0
[pid 5352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5352] write(3, "1000", 4) = 4
[pid 5352] close(3) = 0
[pid 5352] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5352] memfd_create("syzkaller", 0) = 3
[pid 5352] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5352] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5352] munmap(0x7fe0539f9000, 262144) = 0
[pid 5352] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5352] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5352] close(3) = 0
[pid 5352] mkdir("./file0", 0777) = 0
[pid 5352] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5352] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5352] chdir("./file0") = 0
[pid 5352] ioctl(4, LOOP_CLR_FD) = 0
[pid 5352] close(4) = 0
[pid 5352] exit_group(0) = ?
[pid 5352] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5352, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./137/binderfs") = 0
umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./137/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./137") = 0
mkdir("./138", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5354
./strace-static-x86_64: Process 5354 attached
[pid 5354] chdir("./138") = 0
[pid 5354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5354] setpgid(0, 0) = 0
[pid 5354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5354] write(3, "1000", 4) = 4
[pid 5354] close(3) = 0
[pid 5354] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5354] memfd_create("syzkaller", 0) = 3
[pid 5354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5354] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5354] munmap(0x7fe0539f9000, 262144) = 0
[pid 5354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.658178][ T5352] loop0: detected capacity change from 0 to 512
[ 66.668852][ T5352] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.677716][ T5352] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5354] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5354] close(3) = 0
[pid 5354] mkdir("./file0", 0777) = 0
[pid 5354] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5354] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5354] chdir("./file0") = 0
[pid 5354] ioctl(4, LOOP_CLR_FD) = 0
[pid 5354] close(4) = 0
[pid 5354] exit_group(0) = ?
[pid 5354] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5354, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./138/binderfs") = 0
umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./138/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./138/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./138") = 0
mkdir("./139", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5356
./strace-static-x86_64: Process 5356 attached
[pid 5356] chdir("./139") = 0
[pid 5356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5356] setpgid(0, 0) = 0
[pid 5356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5356] write(3, "1000", 4) = 4
[pid 5356] close(3) = 0
[pid 5356] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5356] memfd_create("syzkaller", 0) = 3
[pid 5356] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5356] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5356] munmap(0x7fe0539f9000, 262144) = 0
[pid 5356] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.714600][ T5354] loop0: detected capacity change from 0 to 512
[ 66.724902][ T5354] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.733701][ T5354] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5356] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5356] close(3) = 0
[pid 5356] mkdir("./file0", 0777) = 0
[pid 5356] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5356] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5356] chdir("./file0") = 0
[pid 5356] ioctl(4, LOOP_CLR_FD) = 0
[pid 5356] close(4) = 0
[pid 5356] exit_group(0) = ?
[pid 5356] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5356, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./139/binderfs") = 0
[ 66.771690][ T5356] loop0: detected capacity change from 0 to 512
[ 66.781587][ T5356] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.790274][ T5356] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./139/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./139/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./139") = 0
mkdir("./140", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5358
./strace-static-x86_64: Process 5358 attached
[pid 5358] chdir("./140") = 0
[pid 5358] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5358] setpgid(0, 0) = 0
[pid 5358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5358] write(3, "1000", 4) = 4
[pid 5358] close(3) = 0
[pid 5358] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5358] memfd_create("syzkaller", 0) = 3
[pid 5358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5358] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5358] munmap(0x7fe0539f9000, 262144) = 0
[pid 5358] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5358] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5358] close(3) = 0
[pid 5358] mkdir("./file0", 0777) = 0
[pid 5358] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5358] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5358] chdir("./file0") = 0
[pid 5358] ioctl(4, LOOP_CLR_FD) = 0
[pid 5358] close(4) = 0
[pid 5358] exit_group(0) = ?
[pid 5358] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5358, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./140/binderfs") = 0
umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./140/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./140/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./140") = 0
mkdir("./141", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5360
./strace-static-x86_64: Process 5360 attached
[pid 5360] chdir("./141") = 0
[pid 5360] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5360] setpgid(0, 0) = 0
[pid 5360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5360] write(3, "1000", 4) = 4
[pid 5360] close(3) = 0
[pid 5360] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5360] memfd_create("syzkaller", 0) = 3
[pid 5360] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5360] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5360] munmap(0x7fe0539f9000, 262144) = 0
[pid 5360] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.858560][ T5358] loop0: detected capacity change from 0 to 512
[ 66.869095][ T5358] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.878265][ T5358] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5360] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5360] close(3) = 0
[pid 5360] mkdir("./file0", 0777) = 0
[pid 5360] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5360] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5360] chdir("./file0") = 0
[pid 5360] ioctl(4, LOOP_CLR_FD) = 0
[pid 5360] close(4) = 0
[pid 5360] exit_group(0) = ?
[pid 5360] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5360, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./141/binderfs") = 0
umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./141/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./141/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./141") = 0
mkdir("./142", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5362
./strace-static-x86_64: Process 5362 attached
[pid 5362] chdir("./142") = 0
[pid 5362] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5362] setpgid(0, 0) = 0
[pid 5362] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5362] write(3, "1000", 4) = 4
[pid 5362] close(3) = 0
[pid 5362] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5362] memfd_create("syzkaller", 0) = 3
[pid 5362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 66.930932][ T5360] loop0: detected capacity change from 0 to 512
[ 66.941325][ T5360] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.950921][ T5360] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5362] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5362] munmap(0x7fe0539f9000, 262144) = 0
[pid 5362] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5362] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5362] close(3) = 0
[pid 5362] mkdir("./file0", 0777) = 0
[pid 5362] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5362] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5362] chdir("./file0") = 0
[pid 5362] ioctl(4, LOOP_CLR_FD) = 0
[pid 5362] close(4) = 0
[pid 5362] exit_group(0) = ?
[pid 5362] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5362, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./142/binderfs") = 0
umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./142/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./142/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./142") = 0
mkdir("./143", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5364
./strace-static-x86_64: Process 5364 attached
[pid 5364] chdir("./143") = 0
[pid 5364] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5364] setpgid(0, 0) = 0
[pid 5364] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5364] write(3, "1000", 4) = 4
[pid 5364] close(3) = 0
[ 67.015685][ T5362] loop0: detected capacity change from 0 to 512
[ 67.026348][ T5362] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.035144][ T5362] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5364] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5364] memfd_create("syzkaller", 0) = 3
[pid 5364] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5364] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5364] munmap(0x7fe0539f9000, 262144) = 0
[pid 5364] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5364] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5364] close(3) = 0
[pid 5364] mkdir("./file0", 0777) = 0
[pid 5364] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5364] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5364] chdir("./file0") = 0
[pid 5364] ioctl(4, LOOP_CLR_FD) = 0
[pid 5364] close(4) = 0
[pid 5364] exit_group(0) = ?
[pid 5364] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5364, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./143/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./143/binderfs") = 0
umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./143/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./143/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./143") = 0
mkdir("./144", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 67.092244][ T5364] loop0: detected capacity change from 0 to 512
[ 67.103399][ T5364] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.112293][ T5364] EXT4-fs (loop0): 1 truncate cleaned up
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5366
./strace-static-x86_64: Process 5366 attached
[pid 5366] chdir("./144") = 0
[pid 5366] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5366] setpgid(0, 0) = 0
[pid 5366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5366] write(3, "1000", 4) = 4
[pid 5366] close(3) = 0
[pid 5366] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5366] memfd_create("syzkaller", 0) = 3
[pid 5366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5366] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5366] munmap(0x7fe0539f9000, 262144) = 0
[pid 5366] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5366] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5366] close(3) = 0
[pid 5366] mkdir("./file0", 0777) = 0
[pid 5366] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5366] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5366] chdir("./file0") = 0
[pid 5366] ioctl(4, LOOP_CLR_FD) = 0
[pid 5366] close(4) = 0
[pid 5366] exit_group(0) = ?
[pid 5366] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5366, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 67.191862][ T5366] loop0: detected capacity change from 0 to 512
[ 67.201849][ T5366] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.211354][ T5366] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./144/binderfs") = 0
umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./144/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./144/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./144") = 0
mkdir("./145", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5368
./strace-static-x86_64: Process 5368 attached
[pid 5368] chdir("./145") = 0
[pid 5368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5368] setpgid(0, 0) = 0
[pid 5368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5368] write(3, "1000", 4) = 4
[pid 5368] close(3) = 0
[pid 5368] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5368] memfd_create("syzkaller", 0) = 3
[pid 5368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5368] munmap(0x7fe0539f9000, 262144) = 0
[pid 5368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5368] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5368] close(3) = 0
[pid 5368] mkdir("./file0", 0777) = 0
[pid 5368] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5368] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5368] chdir("./file0") = 0
[pid 5368] ioctl(4, LOOP_CLR_FD) = 0
[pid 5368] close(4) = 0
[pid 5368] exit_group(0) = ?
[pid 5368] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5368, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 67.271757][ T5368] loop0: detected capacity change from 0 to 512
[ 67.282342][ T5368] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.291112][ T5368] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./145/binderfs") = 0
umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./145/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./145/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./145") = 0
mkdir("./146", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5370
./strace-static-x86_64: Process 5370 attached
[pid 5370] chdir("./146") = 0
[pid 5370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5370] setpgid(0, 0) = 0
[pid 5370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5370] write(3, "1000", 4) = 4
[pid 5370] close(3) = 0
[pid 5370] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5370] memfd_create("syzkaller", 0) = 3
[pid 5370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5370] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5370] munmap(0x7fe0539f9000, 262144) = 0
[pid 5370] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5370] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5370] close(3) = 0
[pid 5370] mkdir("./file0", 0777) = 0
[pid 5370] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5370] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5370] chdir("./file0") = 0
[pid 5370] ioctl(4, LOOP_CLR_FD) = 0
[pid 5370] close(4) = 0
[pid 5370] exit_group(0) = ?
[pid 5370] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5370, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./146/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./146/binderfs") = 0
umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./146/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./146/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./146") = 0
mkdir("./147", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5372
./strace-static-x86_64: Process 5372 attached
[pid 5372] chdir("./147") = 0
[pid 5372] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5372] setpgid(0, 0) = 0
[pid 5372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5372] write(3, "1000", 4) = 4
[pid 5372] close(3) = 0
[pid 5372] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5372] memfd_create("syzkaller", 0) = 3
[pid 5372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5372] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5372] munmap(0x7fe0539f9000, 262144) = 0
[ 67.372903][ T5370] loop0: detected capacity change from 0 to 512
[ 67.382772][ T5370] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.391303][ T5370] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5372] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5372] close(3) = 0
[pid 5372] mkdir("./file0", 0777) = 0
[pid 5372] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5372] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5372] chdir("./file0") = 0
[pid 5372] ioctl(4, LOOP_CLR_FD) = 0
[pid 5372] close(4) = 0
[pid 5372] exit_group(0) = ?
[pid 5372] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5372, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./147/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./147/binderfs") = 0
umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./147/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./147/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./147") = 0
mkdir("./148", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5374 attached
[pid 5374] chdir("./148"
[pid 5074] <... clone resumed>, child_tidptr=0x5555564115d0) = 5374
[pid 5374] <... chdir resumed>) = 0
[pid 5374] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5374] setpgid(0, 0) = 0
[pid 5374] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5374] write(3, "1000", 4) = 4
[pid 5374] close(3) = 0
[pid 5374] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5374] memfd_create("syzkaller", 0) = 3
[pid 5374] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5374] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5374] munmap(0x7fe0539f9000, 262144) = 0
[pid 5374] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.434985][ T5372] loop0: detected capacity change from 0 to 512
[ 67.445876][ T5372] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.454894][ T5372] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5374] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5374] close(3) = 0
[pid 5374] mkdir("./file0", 0777) = 0
[pid 5374] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5374] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5374] chdir("./file0") = 0
[pid 5374] ioctl(4, LOOP_CLR_FD) = 0
[pid 5374] close(4) = 0
[pid 5374] exit_group(0) = ?
[pid 5374] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5374, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./148/binderfs") = 0
umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./148/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./148/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./148") = 0
mkdir("./149", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5376
./strace-static-x86_64: Process 5376 attached
[pid 5376] chdir("./149") = 0
[pid 5376] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5376] setpgid(0, 0) = 0
[pid 5376] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5376] write(3, "1000", 4) = 4
[pid 5376] close(3) = 0
[pid 5376] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5376] memfd_create("syzkaller", 0) = 3
[pid 5376] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5376] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5376] munmap(0x7fe0539f9000, 262144) = 0
[pid 5376] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.508366][ T5374] loop0: detected capacity change from 0 to 512
[ 67.519397][ T5374] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.528323][ T5374] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5376] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5376] close(3) = 0
[pid 5376] mkdir("./file0", 0777) = 0
[pid 5376] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5376] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5376] chdir("./file0") = 0
[pid 5376] ioctl(4, LOOP_CLR_FD) = 0
[pid 5376] close(4) = 0
[pid 5376] exit_group(0) = ?
[pid 5376] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5376, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./149/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./149/binderfs") = 0
umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./149/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./149/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./149") = 0
mkdir("./150", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5378 attached
, child_tidptr=0x5555564115d0) = 5378
[pid 5378] chdir("./150") = 0
[pid 5378] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5378] setpgid(0, 0) = 0
[pid 5378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5378] write(3, "1000", 4) = 4
[pid 5378] close(3) = 0
[pid 5378] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5378] memfd_create("syzkaller", 0) = 3
[ 67.568956][ T5376] loop0: detected capacity change from 0 to 512
[ 67.578791][ T5376] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.587511][ T5376] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5378] munmap(0x7fe0539f9000, 262144) = 0
[pid 5378] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5378] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5378] close(3) = 0
[pid 5378] mkdir("./file0", 0777) = 0
[pid 5378] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5378] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5378] chdir("./file0") = 0
[pid 5378] ioctl(4, LOOP_CLR_FD) = 0
[pid 5378] close(4) = 0
[pid 5378] exit_group(0) = ?
[pid 5378] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5378, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./150/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./150/binderfs") = 0
umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./150/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./150/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./150") = 0
mkdir("./151", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5380
./strace-static-x86_64: Process 5380 attached
[pid 5380] chdir("./151") = 0
[pid 5380] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5380] setpgid(0, 0) = 0
[pid 5380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5380] write(3, "1000", 4) = 4
[pid 5380] close(3) = 0
[pid 5380] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5380] memfd_create("syzkaller", 0) = 3
[pid 5380] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5380] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5380] munmap(0x7fe0539f9000, 262144) = 0
[pid 5380] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.634996][ T5378] loop0: detected capacity change from 0 to 512
[ 67.644927][ T5378] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.654116][ T5378] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5380] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5380] close(3) = 0
[pid 5380] mkdir("./file0", 0777) = 0
[pid 5380] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5380] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5380] chdir("./file0") = 0
[pid 5380] ioctl(4, LOOP_CLR_FD) = 0
[pid 5380] close(4) = 0
[pid 5380] exit_group(0) = ?
[pid 5380] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5380, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
[ 67.691484][ T5380] loop0: detected capacity change from 0 to 512
[ 67.701292][ T5380] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.710224][ T5380] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./151/binderfs") = 0
umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./151/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./151/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./151") = 0
mkdir("./152", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5382 attached
, child_tidptr=0x5555564115d0) = 5382
[pid 5382] chdir("./152") = 0
[pid 5382] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5382] setpgid(0, 0) = 0
[pid 5382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5382] write(3, "1000", 4) = 4
[pid 5382] close(3) = 0
[pid 5382] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5382] memfd_create("syzkaller", 0) = 3
[pid 5382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5382] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5382] munmap(0x7fe0539f9000, 262144) = 0
[pid 5382] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5382] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5382] close(3) = 0
[pid 5382] mkdir("./file0", 0777) = 0
[pid 5382] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5382] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5382] chdir("./file0") = 0
[pid 5382] ioctl(4, LOOP_CLR_FD) = 0
[pid 5382] close(4) = 0
[pid 5382] exit_group(0) = ?
[pid 5382] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5382, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./152/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./152/binderfs") = 0
[ 67.791266][ T5382] loop0: detected capacity change from 0 to 512
[ 67.801205][ T5382] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.809921][ T5382] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./152/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./152/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./152") = 0
mkdir("./153", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5384
./strace-static-x86_64: Process 5384 attached
[pid 5384] chdir("./153") = 0
[pid 5384] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5384] setpgid(0, 0) = 0
[pid 5384] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5384] write(3, "1000", 4) = 4
[pid 5384] close(3) = 0
[pid 5384] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5384] memfd_create("syzkaller", 0) = 3
[pid 5384] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5384] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5384] munmap(0x7fe0539f9000, 262144) = 0
[pid 5384] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5384] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5384] close(3) = 0
[pid 5384] mkdir("./file0", 0777) = 0
[pid 5384] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5384] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5384] chdir("./file0") = 0
[pid 5384] ioctl(4, LOOP_CLR_FD) = 0
[pid 5384] close(4) = 0
[pid 5384] exit_group(0) = ?
[pid 5384] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5384, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./153/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./153/binderfs") = 0
umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./153/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./153/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./153") = 0
mkdir("./154", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5386
./strace-static-x86_64: Process 5386 attached
[pid 5386] chdir("./154") = 0
[pid 5386] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5386] setpgid(0, 0) = 0
[pid 5386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5386] write(3, "1000", 4) = 4
[pid 5386] close(3) = 0
[pid 5386] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5386] memfd_create("syzkaller", 0) = 3
[pid 5386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5386] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5386] munmap(0x7fe0539f9000, 262144) = 0
[pid 5386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.877588][ T5384] loop0: detected capacity change from 0 to 512
[ 67.879635][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 67.897325][ T5384] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.906210][ T5384] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5386] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5386] close(3) = 0
[pid 5386] mkdir("./file0", 0777) = 0
[pid 5386] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5386] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5386] chdir("./file0") = 0
[pid 5386] ioctl(4, LOOP_CLR_FD) = 0
[pid 5386] close(4) = 0
[pid 5386] exit_group(0) = ?
[pid 5386] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5386, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./154/binderfs") = 0
umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./154/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./154/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./154") = 0
mkdir("./155", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5388
./strace-static-x86_64: Process 5388 attached
[pid 5388] chdir("./155") = 0
[pid 5388] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5388] setpgid(0, 0) = 0
[pid 5388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5388] write(3, "1000", 4) = 4
[pid 5388] close(3) = 0
[pid 5388] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5388] memfd_create("syzkaller", 0) = 3
[pid 5388] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5388] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5388] munmap(0x7fe0539f9000, 262144) = 0
[pid 5388] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.953661][ T5386] loop0: detected capacity change from 0 to 512
[ 67.964533][ T5386] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.973686][ T5386] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5388] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5388] close(3) = 0
[pid 5388] mkdir("./file0", 0777) = 0
[pid 5388] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5388] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5388] chdir("./file0") = 0
[pid 5388] ioctl(4, LOOP_CLR_FD) = 0
[pid 5388] close(4) = 0
[pid 5388] exit_group(0) = ?
[pid 5388] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5388, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./155/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./155/binderfs") = 0
umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./155/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./155/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./155") = 0
mkdir("./156", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5390
./strace-static-x86_64: Process 5390 attached
[pid 5390] chdir("./156") = 0
[pid 5390] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5390] setpgid(0, 0) = 0
[pid 5390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5390] write(3, "1000", 4) = 4
[pid 5390] close(3) = 0
[pid 5390] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5390] memfd_create("syzkaller", 0) = 3
[pid 5390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5390] munmap(0x7fe0539f9000, 262144) = 0
[pid 5390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.022437][ T5388] loop0: detected capacity change from 0 to 512
[ 68.032309][ T5388] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.041149][ T5388] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5390] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5390] close(3) = 0
[pid 5390] mkdir("./file0", 0777) = 0
[pid 5390] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5390] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5390] chdir("./file0") = 0
[pid 5390] ioctl(4, LOOP_CLR_FD) = 0
[pid 5390] close(4) = 0
[pid 5390] exit_group(0) = ?
[pid 5390] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5390, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./156", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./156", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./156/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./156/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./156/binderfs") = 0
umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./156/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./156/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./156/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./156") = 0
[ 68.081913][ T5390] loop0: detected capacity change from 0 to 512
[ 68.091704][ T5390] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.100543][ T5390] EXT4-fs (loop0): 1 truncate cleaned up
mkdir("./157", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5392
./strace-static-x86_64: Process 5392 attached
[pid 5392] chdir("./157") = 0
[pid 5392] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5392] setpgid(0, 0) = 0
[pid 5392] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5392] write(3, "1000", 4) = 4
[pid 5392] close(3) = 0
[pid 5392] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5392] memfd_create("syzkaller", 0) = 3
[pid 5392] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5392] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5392] munmap(0x7fe0539f9000, 262144) = 0
[pid 5392] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5392] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5392] close(3) = 0
[pid 5392] mkdir("./file0", 0777) = 0
[pid 5392] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5392] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5392] chdir("./file0") = 0
[pid 5392] ioctl(4, LOOP_CLR_FD) = 0
[pid 5392] close(4) = 0
[pid 5392] exit_group(0) = ?
[pid 5392] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5392, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./157", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./157", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./157/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./157/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./157/binderfs") = 0
[ 68.154219][ T5392] loop0: detected capacity change from 0 to 512
[ 68.164043][ T5392] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.173082][ T5392] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./157/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./157/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./157/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./157") = 0
mkdir("./158", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5394
./strace-static-x86_64: Process 5394 attached
[pid 5394] chdir("./158") = 0
[pid 5394] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5394] setpgid(0, 0) = 0
[pid 5394] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5394] write(3, "1000", 4) = 4
[pid 5394] close(3) = 0
[pid 5394] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5394] memfd_create("syzkaller", 0) = 3
[pid 5394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5394] munmap(0x7fe0539f9000, 262144) = 0
[pid 5394] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5394] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5394] close(3) = 0
[pid 5394] mkdir("./file0", 0777) = 0
[pid 5394] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5394] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5394] chdir("./file0") = 0
[pid 5394] ioctl(4, LOOP_CLR_FD) = 0
[pid 5394] close(4) = 0
[pid 5394] exit_group(0) = ?
[pid 5394] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5394, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./158", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./158", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./158/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./158/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./158/binderfs") = 0
umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./158/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./158/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./158/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./158") = 0
mkdir("./159", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5396
./strace-static-x86_64: Process 5396 attached
[pid 5396] chdir("./159") = 0
[pid 5396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5396] setpgid(0, 0) = 0
[pid 5396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5396] write(3, "1000", 4) = 4
[pid 5396] close(3) = 0
[pid 5396] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5396] memfd_create("syzkaller", 0) = 3
[pid 5396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5396] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5396] munmap(0x7fe0539f9000, 262144) = 0
[ 68.246921][ T5394] loop0: detected capacity change from 0 to 512
[ 68.257109][ T5394] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.265696][ T5394] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5396] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5396] close(3) = 0
[pid 5396] mkdir("./file0", 0777) = 0
[pid 5396] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5396] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5396] chdir("./file0") = 0
[pid 5396] ioctl(4, LOOP_CLR_FD) = 0
[pid 5396] close(4) = 0
[pid 5396] exit_group(0) = ?
[pid 5396] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5396, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./159", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./159", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./159/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./159/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./159/binderfs") = 0
umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./159/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./159/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./159/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./159") = 0
mkdir("./160", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5398
./strace-static-x86_64: Process 5398 attached
[pid 5398] chdir("./160") = 0
[pid 5398] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5398] setpgid(0, 0) = 0
[pid 5398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5398] write(3, "1000", 4) = 4
[pid 5398] close(3) = 0
[ 68.309015][ T5396] loop0: detected capacity change from 0 to 512
[ 68.318901][ T5396] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.328059][ T5396] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5398] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5398] memfd_create("syzkaller", 0) = 3
[pid 5398] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5398] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5398] munmap(0x7fe0539f9000, 262144) = 0
[pid 5398] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5398] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5398] close(3) = 0
[pid 5398] mkdir("./file0", 0777) = 0
[pid 5398] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5398] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5398] chdir("./file0") = 0
[pid 5398] ioctl(4, LOOP_CLR_FD) = 0
[pid 5398] close(4) = 0
[pid 5398] exit_group(0) = ?
[pid 5398] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5398, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./160", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./160", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./160/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./160/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./160/binderfs") = 0
umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./160/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./160/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./160/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./160") = 0
mkdir("./161", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5400
./strace-static-x86_64: Process 5400 attached
[pid 5400] chdir("./161") = 0
[pid 5400] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5400] setpgid(0, 0) = 0
[pid 5400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5400] write(3, "1000", 4) = 4
[pid 5400] close(3) = 0
[pid 5400] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5400] memfd_create("syzkaller", 0) = 3
[pid 5400] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 68.377529][ T5398] loop0: detected capacity change from 0 to 512
[ 68.388638][ T5398] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.398171][ T5398] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5400] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5400] munmap(0x7fe0539f9000, 262144) = 0
[pid 5400] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5400] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5400] close(3) = 0
[pid 5400] mkdir("./file0", 0777) = 0
[pid 5400] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5400] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5400] chdir("./file0") = 0
[pid 5400] ioctl(4, LOOP_CLR_FD) = 0
[pid 5400] close(4) = 0
[pid 5400] exit_group(0) = ?
[pid 5400] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5400, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./161", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./161", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./161/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./161/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./161/binderfs") = 0
umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./161/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./161/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./161/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./161") = 0
mkdir("./162", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5402
./strace-static-x86_64: Process 5402 attached
[pid 5402] chdir("./162") = 0
[pid 5402] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5402] setpgid(0, 0) = 0
[pid 5402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5402] write(3, "1000", 4) = 4
[pid 5402] close(3) = 0
[pid 5402] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5402] memfd_create("syzkaller", 0) = 3
[pid 5402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5402] munmap(0x7fe0539f9000, 262144) = 0
[pid 5402] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.431635][ T5400] loop0: detected capacity change from 0 to 512
[ 68.434977][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 68.450730][ T5400] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.460168][ T5400] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5402] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5402] close(3) = 0
[pid 5402] mkdir("./file0", 0777) = 0
[pid 5402] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5402] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5402] chdir("./file0") = 0
[pid 5402] ioctl(4, LOOP_CLR_FD) = 0
[pid 5402] close(4) = 0
[pid 5402] exit_group(0) = ?
[pid 5402] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5402, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./162", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./162", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./162/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./162/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./162/binderfs") = 0
[ 68.492332][ T5402] loop0: detected capacity change from 0 to 512
[ 68.494937][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 68.511061][ T5402] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.520037][ T5402] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./162/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./162/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./162/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./162") = 0
mkdir("./163", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5404
./strace-static-x86_64: Process 5404 attached
[pid 5404] chdir("./163") = 0
[pid 5404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5404] setpgid(0, 0) = 0
[pid 5404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5404] write(3, "1000", 4) = 4
[pid 5404] close(3) = 0
[pid 5404] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5404] memfd_create("syzkaller", 0) = 3
[pid 5404] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5404] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5404] munmap(0x7fe0539f9000, 262144) = 0
[pid 5404] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5404] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5404] close(3) = 0
[pid 5404] mkdir("./file0", 0777) = 0
[pid 5404] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5404] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5404] chdir("./file0") = 0
[pid 5404] ioctl(4, LOOP_CLR_FD) = 0
[pid 5404] close(4) = 0
[pid 5404] exit_group(0) = ?
[pid 5404] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5404, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./163", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./163", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./163/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./163/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./163/binderfs") = 0
umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./163/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./163/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./163/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./163") = 0
mkdir("./164", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5406
./strace-static-x86_64: Process 5406 attached
[pid 5406] chdir("./164") = 0
[pid 5406] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5406] setpgid(0, 0) = 0
[pid 5406] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5406] write(3, "1000", 4) = 4
[pid 5406] close(3) = 0
[pid 5406] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5406] memfd_create("syzkaller", 0) = 3
[pid 5406] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5406] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 68.591228][ T5404] loop0: detected capacity change from 0 to 512
[ 68.600977][ T5404] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.610468][ T5404] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5406] munmap(0x7fe0539f9000, 262144) = 0
[pid 5406] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5406] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5406] close(3) = 0
[pid 5406] mkdir("./file0", 0777) = 0
[pid 5406] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5406] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5406] chdir("./file0") = 0
[pid 5406] ioctl(4, LOOP_CLR_FD) = 0
[pid 5406] close(4) = 0
[pid 5406] exit_group(0) = ?
[pid 5406] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5406, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./164", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./164", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./164/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./164/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./164/binderfs") = 0
umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./164/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./164/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./164/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./164") = 0
mkdir("./165", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5408
./strace-static-x86_64: Process 5408 attached
[pid 5408] chdir("./165") = 0
[pid 5408] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5408] setpgid(0, 0) = 0
[pid 5408] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5408] write(3, "1000", 4) = 4
[pid 5408] close(3) = 0
[pid 5408] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5408] memfd_create("syzkaller", 0) = 3
[pid 5408] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5408] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5408] munmap(0x7fe0539f9000, 262144) = 0
[pid 5408] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.652864][ T5406] loop0: detected capacity change from 0 to 512
[ 68.657310][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 68.672053][ T5406] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.681341][ T5406] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5408] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5408] close(3) = 0
[pid 5408] mkdir("./file0", 0777) = 0
[pid 5408] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5408] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5408] chdir("./file0") = 0
[pid 5408] ioctl(4, LOOP_CLR_FD) = 0
[pid 5408] close(4) = 0
[pid 5408] exit_group(0) = ?
[pid 5408] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5408, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
umount2("./165", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./165", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./165/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./165/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./165/binderfs") = 0
umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./165/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./165/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./165/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./165") = 0
mkdir("./166", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5410
./strace-static-x86_64: Process 5410 attached
[pid 5410] chdir("./166") = 0
[pid 5410] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5410] setpgid(0, 0) = 0
[pid 5410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5410] write(3, "1000", 4) = 4
[pid 5410] close(3) = 0
[ 68.716903][ T5408] loop0: detected capacity change from 0 to 512
[ 68.727485][ T5408] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.735801][ T5408] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5410] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5410] memfd_create("syzkaller", 0) = 3
[pid 5410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5410] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5410] munmap(0x7fe0539f9000, 262144) = 0
[pid 5410] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5410] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5410] close(3) = 0
[pid 5410] mkdir("./file0", 0777) = 0
[pid 5410] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5410] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5410] chdir("./file0") = 0
[pid 5410] ioctl(4, LOOP_CLR_FD) = 0
[pid 5410] close(4) = 0
[pid 5410] exit_group(0) = ?
[pid 5410] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5410, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./166", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./166", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./166/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./166/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./166/binderfs") = 0
umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./166/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./166/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./166/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./166") = 0
mkdir("./167", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5412
./strace-static-x86_64: Process 5412 attached
[pid 5412] chdir("./167") = 0
[pid 5412] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5412] setpgid(0, 0) = 0
[pid 5412] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5412] write(3, "1000", 4) = 4
[pid 5412] close(3) = 0
[pid 5412] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5412] memfd_create("syzkaller", 0) = 3
[pid 5412] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5412] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5412] munmap(0x7fe0539f9000, 262144) = 0
[pid 5412] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.787596][ T5410] loop0: detected capacity change from 0 to 512
[ 68.798533][ T5410] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.808590][ T5410] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5412] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5412] close(3) = 0
[pid 5412] mkdir("./file0", 0777) = 0
[pid 5412] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5412] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5412] chdir("./file0") = 0
[pid 5412] ioctl(4, LOOP_CLR_FD) = 0
[pid 5412] close(4) = 0
[pid 5412] exit_group(0) = ?
[pid 5412] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5412, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./167", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./167", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./167/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./167/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./167/binderfs") = 0
umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./167/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./167/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./167/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./167") = 0
mkdir("./168", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5414
./strace-static-x86_64: Process 5414 attached
[pid 5414] chdir("./168") = 0
[pid 5414] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5414] setpgid(0, 0) = 0
[pid 5414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5414] write(3, "1000", 4) = 4
[pid 5414] close(3) = 0
[pid 5414] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5414] memfd_create("syzkaller", 0) = 3
[pid 5414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5414] munmap(0x7fe0539f9000, 262144) = 0
[pid 5414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.856802][ T5412] loop0: detected capacity change from 0 to 512
[ 68.866656][ T5412] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.875476][ T5412] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5414] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5414] close(3) = 0
[pid 5414] mkdir("./file0", 0777) = 0
[pid 5414] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5414] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5414] chdir("./file0") = 0
[pid 5414] ioctl(4, LOOP_CLR_FD) = 0
[pid 5414] close(4) = 0
[pid 5414] exit_group(0) = ?
[ 68.915258][ T5414] loop0: detected capacity change from 0 to 512
[ 68.924865][ T5414] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.933374][ T5414] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5414] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5414, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./168", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./168", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./168/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./168/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./168/binderfs") = 0
umount2("./168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./168/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./168/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./168/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./168") = 0
mkdir("./169", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5416 attached
[pid 5416] chdir("./169") = 0
[pid 5416] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5416] setpgid(0, 0) = 0
[pid 5074] <... clone resumed>, child_tidptr=0x5555564115d0) = 5416
[pid 5416] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5416] write(3, "1000", 4) = 4
[pid 5416] close(3) = 0
[pid 5416] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5416] memfd_create("syzkaller", 0) = 3
[pid 5416] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5416] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5416] munmap(0x7fe0539f9000, 262144) = 0
[pid 5416] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5416] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5416] close(3) = 0
[pid 5416] mkdir("./file0", 0777) = 0
[pid 5416] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5416] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5416] chdir("./file0") = 0
[pid 5416] ioctl(4, LOOP_CLR_FD) = 0
[pid 5416] close(4) = 0
[pid 5416] exit_group(0) = ?
[pid 5416] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5416, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./169", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./169", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./169/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./169/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./169/binderfs") = 0
umount2("./169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./169/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./169/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./169/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./169") = 0
mkdir("./170", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5418
./strace-static-x86_64: Process 5418 attached
[pid 5418] chdir("./170") = 0
[pid 5418] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5418] setpgid(0, 0) = 0
[pid 5418] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5418] write(3, "1000", 4) = 4
[pid 5418] close(3) = 0
[pid 5418] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5418] memfd_create("syzkaller", 0) = 3
[pid 5418] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5418] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5418] munmap(0x7fe0539f9000, 262144) = 0
[pid 5418] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 69.013716][ T5416] loop0: detected capacity change from 0 to 512
[ 69.024447][ T5416] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.033435][ T5416] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5418] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5418] close(3) = 0
[pid 5418] mkdir("./file0", 0777) = 0
[pid 5418] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5418] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5418] chdir("./file0") = 0
[pid 5418] ioctl(4, LOOP_CLR_FD) = 0
[pid 5418] close(4) = 0
[pid 5418] exit_group(0) = ?
[pid 5418] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5418, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
umount2("./170", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./170", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./170/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./170/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./170/binderfs") = 0
umount2("./170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./170/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./170/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./170/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./170") = 0
mkdir("./171", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5420
./strace-static-x86_64: Process 5420 attached
[pid 5420] chdir("./171") = 0
[pid 5420] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5420] setpgid(0, 0) = 0
[pid 5420] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[ 69.078191][ T5418] loop0: detected capacity change from 0 to 512
[ 69.087784][ T5418] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.097034][ T5418] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5420] write(3, "1000", 4) = 4
[pid 5420] close(3) = 0
[pid 5420] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5420] memfd_create("syzkaller", 0) = 3
[pid 5420] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5420] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5420] munmap(0x7fe0539f9000, 262144) = 0
[pid 5420] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5420] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5420] close(3) = 0
[pid 5420] mkdir("./file0", 0777) = 0
[pid 5420] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5420] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5420] chdir("./file0") = 0
[pid 5420] ioctl(4, LOOP_CLR_FD) = 0
[pid 5420] close(4) = 0
[pid 5420] exit_group(0) = ?
[pid 5420] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5420, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./171", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./171", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./171/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./171/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./171/binderfs") = 0
umount2("./171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./171/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./171/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./171/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./171") = 0
mkdir("./172", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5422
./strace-static-x86_64: Process 5422 attached
[pid 5422] chdir("./172") = 0
[pid 5422] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5422] setpgid(0, 0) = 0
[pid 5422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5422] write(3, "1000", 4) = 4
[pid 5422] close(3) = 0
[pid 5422] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5422] memfd_create("syzkaller", 0) = 3
[pid 5422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5422] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5422] munmap(0x7fe0539f9000, 262144) = 0
[pid 5422] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 69.146377][ T5420] loop0: detected capacity change from 0 to 512
[ 69.156560][ T5420] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.165402][ T5420] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5422] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5422] close(3) = 0
[pid 5422] mkdir("./file0", 0777) = 0
[pid 5422] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5422] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5422] chdir("./file0") = 0
[pid 5422] ioctl(4, LOOP_CLR_FD) = 0
[pid 5422] close(4) = 0
[pid 5422] exit_group(0) = ?
[pid 5422] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5422, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./172", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./172", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./172/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./172/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./172/binderfs") = 0
[ 69.201773][ T5422] loop0: detected capacity change from 0 to 512
[ 69.211909][ T5422] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.220895][ T5422] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./172/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./172/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./172/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./172") = 0
mkdir("./173", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5424
./strace-static-x86_64: Process 5424 attached
[pid 5424] chdir("./173") = 0
[pid 5424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5424] setpgid(0, 0) = 0
[pid 5424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5424] write(3, "1000", 4) = 4
[pid 5424] close(3) = 0
[pid 5424] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5424] memfd_create("syzkaller", 0) = 3
[pid 5424] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5424] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5424] munmap(0x7fe0539f9000, 262144) = 0
[pid 5424] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5424] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5424] close(3) = 0
[pid 5424] mkdir("./file0", 0777) = 0
[pid 5424] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5424] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5424] chdir("./file0") = 0
[pid 5424] ioctl(4, LOOP_CLR_FD) = 0
[pid 5424] close(4) = 0
[pid 5424] exit_group(0) = ?
[pid 5424] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5424, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./173", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./173", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./173/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./173/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./173/binderfs") = 0
umount2("./173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./173/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./173/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./173/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./173") = 0
mkdir("./174", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5426
./strace-static-x86_64: Process 5426 attached
[pid 5426] chdir("./174") = 0
[pid 5426] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5426] setpgid(0, 0) = 0
[pid 5426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5426] write(3, "1000", 4) = 4
[pid 5426] close(3) = 0
[pid 5426] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5426] memfd_create("syzkaller", 0) = 3
[pid 5426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5426] munmap(0x7fe0539f9000, 262144) = 0
[pid 5426] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 69.276664][ T5424] loop0: detected capacity change from 0 to 512
[ 69.279373][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 69.295458][ T5424] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.304774][ T5424] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5426] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5426] close(3) = 0
[pid 5426] mkdir("./file0", 0777) = 0
[pid 5426] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5426] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5426] chdir("./file0") = 0
[pid 5426] ioctl(4, LOOP_CLR_FD) = 0
[pid 5426] close(4) = 0
[pid 5426] exit_group(0) = ?
[pid 5426] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5426, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./174", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./174", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./174/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./174/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./174/binderfs") = 0
umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./174/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./174/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./174/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./174") = 0
mkdir("./175", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5428
./strace-static-x86_64: Process 5428 attached
[pid 5428] chdir("./175") = 0
[pid 5428] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5428] setpgid(0, 0) = 0
[pid 5428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5428] write(3, "1000", 4) = 4
[pid 5428] close(3) = 0
[pid 5428] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5428] memfd_create("syzkaller", 0) = 3
[ 69.342769][ T5426] loop0: detected capacity change from 0 to 512
[ 69.352198][ T5426] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.361510][ T5426] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5428] munmap(0x7fe0539f9000, 262144) = 0
[pid 5428] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5428] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5428] close(3) = 0
[pid 5428] mkdir("./file0", 0777) = 0
[pid 5428] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5428] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5428] chdir("./file0") = 0
[pid 5428] ioctl(4, LOOP_CLR_FD) = 0
[pid 5428] close(4) = 0
[pid 5428] exit_group(0) = ?
[pid 5428] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5428, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./175", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./175", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./175/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./175/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./175/binderfs") = 0
umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./175/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./175/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./175/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./175") = 0
mkdir("./176", 0777) = 0
[ 69.412699][ T5428] loop0: detected capacity change from 0 to 512
[ 69.422868][ T5428] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.431448][ T5428] EXT4-fs (loop0): 1 truncate cleaned up
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5430
./strace-static-x86_64: Process 5430 attached
[pid 5430] chdir("./176") = 0
[pid 5430] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5430] setpgid(0, 0) = 0
[pid 5430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5430] write(3, "1000", 4) = 4
[pid 5430] close(3) = 0
[pid 5430] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5430] memfd_create("syzkaller", 0) = 3
[pid 5430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5430] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5430] munmap(0x7fe0539f9000, 262144) = 0
[pid 5430] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5430] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5430] close(3) = 0
[pid 5430] mkdir("./file0", 0777) = 0
[pid 5430] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5430] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5430] chdir("./file0") = 0
[pid 5430] ioctl(4, LOOP_CLR_FD) = 0
[pid 5430] close(4) = 0
[pid 5430] exit_group(0) = ?
[pid 5430] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5430, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./176", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./176", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./176/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./176/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./176/binderfs") = 0
[ 69.483226][ T5430] loop0: detected capacity change from 0 to 512
[ 69.484154][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 69.502118][ T5430] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.510991][ T5430] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./176/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./176/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./176/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./176") = 0
mkdir("./177", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5432
./strace-static-x86_64: Process 5432 attached
[pid 5432] chdir("./177") = 0
[pid 5432] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5432] setpgid(0, 0) = 0
[pid 5432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5432] write(3, "1000", 4) = 4
[pid 5432] close(3) = 0
[pid 5432] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5432] memfd_create("syzkaller", 0) = 3
[pid 5432] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5432] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5432] munmap(0x7fe0539f9000, 262144) = 0
[pid 5432] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5432] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5432] close(3) = 0
[pid 5432] mkdir("./file0", 0777) = 0
[pid 5432] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5432] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5432] chdir("./file0") = 0
[pid 5432] ioctl(4, LOOP_CLR_FD) = 0
[pid 5432] close(4) = 0
[pid 5432] exit_group(0) = ?
[pid 5432] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5432, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./177", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./177", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./177/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./177/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./177/binderfs") = 0
umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./177/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./177/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./177/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./177") = 0
mkdir("./178", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5434
./strace-static-x86_64: Process 5434 attached
[pid 5434] chdir("./178") = 0
[pid 5434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5434] setpgid(0, 0) = 0
[pid 5434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5434] write(3, "1000", 4) = 4
[pid 5434] close(3) = 0
[pid 5434] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5434] memfd_create("syzkaller", 0) = 3
[pid 5434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[ 69.578853][ T5432] loop0: detected capacity change from 0 to 512
[ 69.588888][ T5432] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.597816][ T5432] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5434] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5434] munmap(0x7fe0539f9000, 262144) = 0
[pid 5434] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5434] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5434] close(3) = 0
[pid 5434] mkdir("./file0", 0777) = 0
[pid 5434] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5434] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5434] chdir("./file0") = 0
[pid 5434] ioctl(4, LOOP_CLR_FD) = 0
[pid 5434] close(4) = 0
[pid 5434] exit_group(0) = ?
[pid 5434] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5434, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./178", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./178", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./178/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./178/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./178/binderfs") = 0
umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./178/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./178/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./178/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./178") = 0
mkdir("./179", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5436
./strace-static-x86_64: Process 5436 attached
[pid 5436] chdir("./179") = 0
[pid 5436] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5436] setpgid(0, 0) = 0
[pid 5436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5436] write(3, "1000", 4) = 4
[pid 5436] close(3) = 0
[pid 5436] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5436] memfd_create("syzkaller", 0) = 3
[pid 5436] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5436] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5436] munmap(0x7fe0539f9000, 262144) = 0
[pid 5436] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 69.643871][ T5434] loop0: detected capacity change from 0 to 512
[ 69.655389][ T5434] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.664697][ T5434] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5436] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5436] close(3) = 0
[pid 5436] mkdir("./file0", 0777) = 0
[pid 5436] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5436] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5436] chdir("./file0") = 0
[pid 5436] ioctl(4, LOOP_CLR_FD) = 0
[pid 5436] close(4) = 0
[pid 5436] exit_group(0) = ?
[pid 5436] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5436, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./179", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./179", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./179/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./179/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./179/binderfs") = 0
umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./179/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./179/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./179/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./179") = 0
mkdir("./180", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5438
./strace-static-x86_64: Process 5438 attached
[pid 5438] chdir("./180") = 0
[pid 5438] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5438] setpgid(0, 0) = 0
[pid 5438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5438] write(3, "1000", 4) = 4
[pid 5438] close(3) = 0
[pid 5438] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5438] memfd_create("syzkaller", 0) = 3
[pid 5438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5438] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5438] munmap(0x7fe0539f9000, 262144) = 0
[pid 5438] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 69.703369][ T5436] loop0: detected capacity change from 0 to 512
[ 69.713001][ T5436] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.722096][ T5436] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5438] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5438] close(3) = 0
[pid 5438] mkdir("./file0", 0777) = 0
[pid 5438] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5438] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5438] chdir("./file0") = 0
[pid 5438] ioctl(4, LOOP_CLR_FD) = 0
[pid 5438] close(4) = 0
[pid 5438] exit_group(0) = ?
[pid 5438] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5438, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./180", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./180", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./180/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./180/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 69.763261][ T5438] loop0: detected capacity change from 0 to 512
[ 69.773444][ T5438] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.782153][ T5438] EXT4-fs (loop0): 1 truncate cleaned up
unlink("./180/binderfs") = 0
umount2("./180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./180/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./180/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./180/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./180") = 0
mkdir("./181", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5440 attached
, child_tidptr=0x5555564115d0) = 5440
[pid 5440] chdir("./181") = 0
[pid 5440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5440] setpgid(0, 0) = 0
[pid 5440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5440] write(3, "1000", 4) = 4
[pid 5440] close(3) = 0
[pid 5440] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5440] memfd_create("syzkaller", 0) = 3
[pid 5440] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5440] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5440] munmap(0x7fe0539f9000, 262144) = 0
[pid 5440] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5440] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5440] close(3) = 0
[pid 5440] mkdir("./file0", 0777) = 0
[pid 5440] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, ",errors=continue") = 0
[pid 5440] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5440] chdir("./file0") = 0
[pid 5440] ioctl(4, LOOP_CLR_FD) = 0
[pid 5440] close(4) = 0
[pid 5440] exit_group(0) = ?
[pid 5440] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5440, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./181", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./181", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556412620 /* 4 entries */, 32768) = 112
umount2("./181/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./181/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./181/binderfs") = 0
umount2("./181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./181/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./181/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555641a660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555641a660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./181/file0") = 0
getdents64(3, 0x555556412620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./181") = 0
mkdir("./182", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 69.858128][ T5440] loop0: detected capacity change from 0 to 512
[ 69.869151][ T5440] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.878265][ T5440] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555564115d0) = 5442
./strace-static-x86_64: Process 5442 attached
[pid 5442] chdir("./182") = 0
[pid 5442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5442] setpgid(0, 0) = 0
[pid 5442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5442] write(3, "1000", 4) = 4
[pid 5442] close(3) = 0
[pid 5442] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5442] memfd_create("syzkaller", 0) = 3
[pid 5442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe0539f9000
[pid 5442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5442] munmap(0x7fe0539f9000, 262144) = 0