./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3391526023
<...>
forked to background, child pid 4654
no interfaces have a carrier
[ 21.799797][ T4655] 8021q: adding VLAN 0 to HW filter on device bond0
[ 21.810161][ T4655] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.133' (ECDSA) to the list of known hosts.
execve("./syz-executor3391526023", ["./syz-executor3391526023"], 0x7fff2345b900 /* 10 vars */) = 0
brk(NULL) = 0x555555bf8000
brk(0x555555bf8c40) = 0x555555bf8c40
arch_prctl(ARCH_SET_FS, 0x555555bf8300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3391526023", 4096) = 28
brk(0x555555c19c40) = 0x555555c19c40
brk(0x555555c1a000) = 0x555555c1a000
mprotect(0x7fa92e00c000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid() = 5075
mkdir("./syzkaller.tXB7uW", 0700) = 0
chmod("./syzkaller.tXB7uW", 0777) = 0
chdir("./syzkaller.tXB7uW") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5077
./strace-static-x86_64: Process 5077 attached
[pid 5077] chdir("./0") = 0
[pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5077] setpgid(0, 0) = 0
[pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5077] write(3, "1000", 4) = 4
[pid 5077] close(3) = 0
[pid 5077] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5077] memfd_create("syzkaller", 0) = 3
[pid 5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5077] munmap(0x7fa925b50000, 262144) = 0
[pid 5077] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5077] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5077] close(3) = 0
[pid 5077] mkdir("./file0", 0777) = 0
syzkaller login: [ 42.822636][ T5077] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5077 'syz-executor339'
[ 42.837904][ T5077] loop0: detected capacity change from 0 to 512
[ 42.847058][ T5077] =======================================================
[ 42.847058][ T5077] WARNING: The mand mount option has been deprecated and
[ 42.847058][ T5077] and is ignored by this kernel. Remove the mand
[ 42.847058][ T5077] option from the mount to silence this warning.
[ 42.847058][ T5077] =======================================================
[ 42.882356][ T5077] EXT4-fs: Ignoring removed oldalloc option
[ 42.890191][ T5077] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 42.901004][ T5077] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 42.914884][ T5077] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5077] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5077] chdir("./file0") = 0
[pid 5077] ioctl(4, LOOP_CLR_FD) = 0
[pid 5077] close(4) = 0
[pid 5077] exit_group(0) = ?
[pid 5077] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5079
./strace-static-x86_64: Process 5079 attached
[pid 5079] chdir("./1") = 0
[pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5079] setpgid(0, 0) = 0
[pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5079] write(3, "1000", 4) = 4
[pid 5079] close(3) = 0
[pid 5079] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5079] memfd_create("syzkaller", 0) = 3
[pid 5079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5079] munmap(0x7fa925b50000, 262144) = 0
[pid 5079] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 42.940048][ T5077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 42.973259][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5079] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5079] close(3) = 0
[pid 5079] mkdir("./file0", 0777) = 0
[ 43.006300][ T5079] loop0: detected capacity change from 0 to 512
[ 43.015196][ T5079] EXT4-fs: Ignoring removed oldalloc option
[ 43.022198][ T5079] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 43.032388][ T5079] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 43.042182][ T5079] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5079] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5079] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5079] chdir("./file0") = 0
[pid 5079] ioctl(4, LOOP_CLR_FD) = 0
[pid 5079] close(4) = 0
[pid 5079] exit_group(0) = ?
[pid 5079] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./1/binderfs") = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5081
./strace-static-x86_64: Process 5081 attached
[pid 5081] chdir("./2") = 0
[pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5081] setpgid(0, 0) = 0
[pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5081] write(3, "1000", 4) = 4
[pid 5081] close(3) = 0
[pid 5081] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5081] memfd_create("syzkaller", 0) = 3
[pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5081] munmap(0x7fa925b50000, 262144) = 0
[pid 5081] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 43.089423][ T5079] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 43.120505][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5081] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5081] close(3) = 0
[pid 5081] mkdir("./file0", 0777) = 0
[ 43.163184][ T5081] loop0: detected capacity change from 0 to 512
[ 43.172648][ T5081] EXT4-fs: Ignoring removed oldalloc option
[ 43.179409][ T5081] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 43.189596][ T5081] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 43.199328][ T5081] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5081] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5081] chdir("./file0") = 0
[pid 5081] ioctl(4, LOOP_CLR_FD) = 0
[pid 5081] close(4) = 0
[pid 5081] exit_group(0) = ?
[pid 5081] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5081, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./2/binderfs") = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5083
./strace-static-x86_64: Process 5083 attached
[pid 5083] chdir("./3") = 0
[pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5083] setpgid(0, 0) = 0
[pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5083] write(3, "1000", 4) = 4
[pid 5083] close(3) = 0
[pid 5083] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5083] memfd_create("syzkaller", 0) = 3
[pid 5083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[ 43.229407][ T5081] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 43.252202][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5083] munmap(0x7fa925b50000, 262144) = 0
[pid 5083] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5083] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5083] close(3) = 0
[pid 5083] mkdir("./file0", 0777) = 0
[ 43.282619][ T5083] loop0: detected capacity change from 0 to 512
[ 43.285624][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 43.291078][ T5083] EXT4-fs: Ignoring removed oldalloc option
[ 43.305995][ T5083] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 43.316261][ T5083] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 43.326150][ T5083] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5083] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5083] chdir("./file0") = 0
[pid 5083] ioctl(4, LOOP_CLR_FD) = 0
[pid 5083] close(4) = 0
[pid 5083] exit_group(0) = ?
[pid 5083] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5083, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./3/binderfs") = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5085
./strace-static-x86_64: Process 5085 attached
[pid 5085] chdir("./4") = 0
[pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5085] setpgid(0, 0) = 0
[pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5085] write(3, "1000", 4) = 4
[pid 5085] close(3) = 0
[pid 5085] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5085] memfd_create("syzkaller", 0) = 3
[pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5085] munmap(0x7fa925b50000, 262144) = 0
[pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 43.339867][ T5083] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 43.368877][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5085] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5085] close(3) = 0
[pid 5085] mkdir("./file0", 0777) = 0
[ 43.395775][ T5085] loop0: detected capacity change from 0 to 512
[ 43.397012][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 43.404341][ T5085] EXT4-fs: Ignoring removed oldalloc option
[ 43.420175][ T5085] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 43.430219][ T5085] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 43.441356][ T5085] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5085] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5085] chdir("./file0") = 0
[pid 5085] ioctl(4, LOOP_CLR_FD) = 0
[pid 5085] close(4) = 0
[pid 5085] exit_group(0) = ?
[pid 5085] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./4/binderfs") = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5087
./strace-static-x86_64: Process 5087 attached
[pid 5087] chdir("./5") = 0
[pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5087] setpgid(0, 0) = 0
[pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5087] write(3, "1000", 4) = 4
[pid 5087] close(3) = 0
[pid 5087] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5087] memfd_create("syzkaller", 0) = 3
[pid 5087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5087] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5087] munmap(0x7fa925b50000, 262144) = 0
[pid 5087] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 43.469610][ T5085] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 43.498398][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5087] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5087] close(3) = 0
[pid 5087] mkdir("./file0", 0777) = 0
[ 43.540188][ T5087] loop0: detected capacity change from 0 to 512
[ 43.549092][ T5087] EXT4-fs: Ignoring removed oldalloc option
[ 43.556373][ T5087] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 43.566415][ T5087] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 43.576876][ T5087] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5087] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5087] chdir("./file0") = 0
[pid 5087] ioctl(4, LOOP_CLR_FD) = 0
[pid 5087] close(4) = 0
[pid 5087] exit_group(0) = ?
[pid 5087] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./5/binderfs") = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5089
./strace-static-x86_64: Process 5089 attached
[pid 5089] chdir("./6") = 0
[pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5089] setpgid(0, 0) = 0
[pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5089] write(3, "1000", 4) = 4
[pid 5089] close(3) = 0
[pid 5089] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5089] memfd_create("syzkaller", 0) = 3
[pid 5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5089] munmap(0x7fa925b50000, 262144) = 0
[pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 43.589529][ T5087] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 43.620675][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5089] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5089] close(3) = 0
[pid 5089] mkdir("./file0", 0777) = 0
[ 43.663955][ T5089] loop0: detected capacity change from 0 to 512
[ 43.672673][ T5089] EXT4-fs: Ignoring removed oldalloc option
[ 43.679219][ T5089] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 43.689718][ T5089] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 43.699490][ T5089] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5089] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5089] chdir("./file0") = 0
[pid 5089] ioctl(4, LOOP_CLR_FD) = 0
[pid 5089] close(4) = 0
[pid 5089] exit_group(0) = ?
[pid 5089] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./6/binderfs") = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5091
./strace-static-x86_64: Process 5091 attached
[pid 5091] chdir("./7") = 0
[pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5091] setpgid(0, 0) = 0
[pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5091] write(3, "1000", 4) = 4
[pid 5091] close(3) = 0
[pid 5091] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5091] memfd_create("syzkaller", 0) = 3
[pid 5091] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5091] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5091] munmap(0x7fa925b50000, 262144) = 0
[pid 5091] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 43.729979][ T5089] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 43.750170][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5091] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5091] close(3) = 0
[pid 5091] mkdir("./file0", 0777) = 0
[ 43.793105][ T5091] loop0: detected capacity change from 0 to 512
[ 43.801730][ T5091] EXT4-fs: Ignoring removed oldalloc option
[ 43.808269][ T5091] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 43.818965][ T5091] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 43.828693][ T5091] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5091] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5091] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5091] chdir("./file0") = 0
[pid 5091] ioctl(4, LOOP_CLR_FD) = 0
[pid 5091] close(4) = 0
[pid 5091] exit_group(0) = ?
[pid 5091] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./7/binderfs") = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5093
./strace-static-x86_64: Process 5093 attached
[pid 5093] chdir("./8") = 0
[pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5093] setpgid(0, 0) = 0
[pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5093] write(3, "1000", 4) = 4
[pid 5093] close(3) = 0
[pid 5093] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5093] memfd_create("syzkaller", 0) = 3
[pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5093] munmap(0x7fa925b50000, 262144) = 0
[pid 5093] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 43.859366][ T5091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 43.889622][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5093] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5093] close(3) = 0
[pid 5093] mkdir("./file0", 0777) = 0
[ 43.927546][ T5093] loop0: detected capacity change from 0 to 512
[ 43.936986][ T5093] EXT4-fs: Ignoring removed oldalloc option
[ 43.944548][ T5093] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 43.955177][ T5093] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 43.965254][ T5093] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5093] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5093] chdir("./file0") = 0
[pid 5093] ioctl(4, LOOP_CLR_FD) = 0
[pid 5093] close(4) = 0
[pid 5093] exit_group(0) = ?
[pid 5093] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./8/binderfs") = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5095
./strace-static-x86_64: Process 5095 attached
[pid 5095] chdir("./9") = 0
[pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5095] setpgid(0, 0) = 0
[pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5095] write(3, "1000", 4) = 4
[pid 5095] close(3) = 0
[pid 5095] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5095] memfd_create("syzkaller", 0) = 3
[pid 5095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5095] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5095] munmap(0x7fa925b50000, 262144) = 0
[pid 5095] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 43.989478][ T5093] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 44.018538][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5095] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5095] close(3) = 0
[pid 5095] mkdir("./file0", 0777) = 0
[ 44.047959][ T5095] loop0: detected capacity change from 0 to 512
[ 44.051201][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 44.056535][ T5095] EXT4-fs: Ignoring removed oldalloc option
[ 44.071400][ T5095] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 44.081438][ T5095] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 44.092533][ T5095] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5095] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5095] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5095] chdir("./file0") = 0
[pid 5095] ioctl(4, LOOP_CLR_FD) = 0
[pid 5095] close(4) = 0
[pid 5095] exit_group(0) = ?
[pid 5095] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5095, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./9/binderfs") = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./9") = 0
mkdir("./10", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5097
./strace-static-x86_64: Process 5097 attached
[pid 5097] chdir("./10") = 0
[pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5097] setpgid(0, 0) = 0
[pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5097] write(3, "1000", 4) = 4
[pid 5097] close(3) = 0
[pid 5097] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5097] memfd_create("syzkaller", 0) = 3
[pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5097] munmap(0x7fa925b50000, 262144) = 0
[pid 5097] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 44.119611][ T5095] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 44.151658][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5097] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5097] close(3) = 0
[pid 5097] mkdir("./file0", 0777) = 0
[ 44.180137][ T5097] loop0: detected capacity change from 0 to 512
[ 44.185036][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 44.188238][ T5097] EXT4-fs: Ignoring removed oldalloc option
[ 44.204538][ T5097] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 44.217308][ T5097] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 44.227074][ T5097] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5097] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5097] chdir("./file0") = 0
[pid 5097] ioctl(4, LOOP_CLR_FD) = 0
[pid 5097] close(4) = 0
[pid 5097] exit_group(0) = ?
[pid 5097] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./10/binderfs") = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./10") = 0
mkdir("./11", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5099
./strace-static-x86_64: Process 5099 attached
[pid 5099] chdir("./11") = 0
[pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5099] setpgid(0, 0) = 0
[pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5099] write(3, "1000", 4) = 4
[pid 5099] close(3) = 0
[pid 5099] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5099] memfd_create("syzkaller", 0) = 3
[pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5099] munmap(0x7fa925b50000, 262144) = 0
[pid 5099] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 44.269396][ T5097] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 44.307782][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5099] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5099] close(3) = 0
[pid 5099] mkdir("./file0", 0777) = 0
[ 44.335767][ T5099] loop0: detected capacity change from 0 to 512
[ 44.344162][ T5099] EXT4-fs: Ignoring removed oldalloc option
[ 44.351463][ T5099] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 44.361359][ T5099] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 44.371780][ T5099] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5099] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5099] chdir("./file0") = 0
[pid 5099] ioctl(4, LOOP_CLR_FD) = 0
[pid 5099] close(4) = 0
[pid 5099] exit_group(0) = ?
[pid 5099] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./11/binderfs") = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./11") = 0
mkdir("./12", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5101 attached
, child_tidptr=0x555555bf85d0) = 5101
[pid 5101] chdir("./12") = 0
[pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5101] setpgid(0, 0) = 0
[pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5101] write(3, "1000", 4) = 4
[pid 5101] close(3) = 0
[pid 5101] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5101] memfd_create("syzkaller", 0) = 3
[pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5101] munmap(0x7fa925b50000, 262144) = 0
[pid 5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 44.399799][ T5099] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 44.431269][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5101] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5101] close(3) = 0
[pid 5101] mkdir("./file0", 0777) = 0
[ 44.477779][ T5101] loop0: detected capacity change from 0 to 512
[ 44.487343][ T5101] EXT4-fs: Ignoring removed oldalloc option
[ 44.493959][ T5101] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 44.503995][ T5101] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 44.513928][ T5101] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5101] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5101] chdir("./file0") = 0
[pid 5101] ioctl(4, LOOP_CLR_FD) = 0
[pid 5101] close(4) = 0
[pid 5101] exit_group(0) = ?
[pid 5101] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./12/binderfs") = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./12") = 0
mkdir("./13", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5103
./strace-static-x86_64: Process 5103 attached
[pid 5103] chdir("./13") = 0
[pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5103] setpgid(0, 0) = 0
[pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5103] write(3, "1000", 4) = 4
[pid 5103] close(3) = 0
[pid 5103] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5103] memfd_create("syzkaller", 0) = 3
[pid 5103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5103] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5103] munmap(0x7fa925b50000, 262144) = 0
[pid 5103] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 44.539594][ T5101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 44.559934][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5103] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5103] close(3) = 0
[pid 5103] mkdir("./file0", 0777) = 0
[ 44.610297][ T5103] loop0: detected capacity change from 0 to 512
[ 44.618882][ T5103] EXT4-fs: Ignoring removed oldalloc option
[ 44.625855][ T5103] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 44.635667][ T5103] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 44.645491][ T5103] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5103] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5103] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5103] chdir("./file0") = 0
[pid 5103] ioctl(4, LOOP_CLR_FD) = 0
[pid 5103] close(4) = 0
[pid 5103] exit_group(0) = ?
[pid 5103] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./13/binderfs") = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./13") = 0
mkdir("./14", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5105 attached
, child_tidptr=0x555555bf85d0) = 5105
[pid 5105] chdir("./14") = 0
[pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5105] setpgid(0, 0) = 0
[pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5105] write(3, "1000", 4) = 4
[pid 5105] close(3) = 0
[pid 5105] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5105] memfd_create("syzkaller", 0) = 3
[pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5105] munmap(0x7fa925b50000, 262144) = 0
[pid 5105] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 44.669393][ T5103] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 44.700122][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5105] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5105] close(3) = 0
[pid 5105] mkdir("./file0", 0777) = 0
[ 44.739400][ T5105] loop0: detected capacity change from 0 to 512
[ 44.748229][ T5105] EXT4-fs: Ignoring removed oldalloc option
[ 44.755595][ T5105] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 44.767070][ T5105] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 44.776792][ T5105] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5105] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5105] chdir("./file0") = 0
[pid 5105] ioctl(4, LOOP_CLR_FD) = 0
[pid 5105] close(4) = 0
[pid 5105] exit_group(0) = ?
[pid 5105] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./14/binderfs") = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./14") = 0
mkdir("./15", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5107 attached
<unfinished ...>
[pid 5107] chdir("./15") = 0
[pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5107] setpgid(0, 0) = 0
[pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5107] write(3, "1000", 4) = 4
[pid 5107] close(3) = 0
[pid 5107] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5107] memfd_create("syzkaller", 0) = 3
[pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5107
[pid 5107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5107] munmap(0x7fa925b50000, 262144) = 0
[pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 44.789391][ T5105] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 44.820649][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5107] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5107] close(3) = 0
[pid 5107] mkdir("./file0", 0777) = 0
[ 44.863696][ T5107] loop0: detected capacity change from 0 to 512
[ 44.871829][ T5107] EXT4-fs: Ignoring removed oldalloc option
[ 44.878355][ T5107] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 44.888872][ T5107] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 44.899582][ T5107] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5107] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5107] chdir("./file0") = 0
[pid 5107] ioctl(4, LOOP_CLR_FD) = 0
[pid 5107] close(4) = 0
[pid 5107] exit_group(0) = ?
[pid 5107] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./15/binderfs") = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./15") = 0
mkdir("./16", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5109
./strace-static-x86_64: Process 5109 attached
[pid 5109] chdir("./16") = 0
[pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5109] setpgid(0, 0) = 0
[pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5109] write(3, "1000", 4) = 4
[pid 5109] close(3) = 0
[pid 5109] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5109] memfd_create("syzkaller", 0) = 3
[pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5109] munmap(0x7fa925b50000, 262144) = 0
[pid 5109] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 44.913660][ T5107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 44.940122][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5109] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5109] close(3) = 0
[pid 5109] mkdir("./file0", 0777) = 0
[ 44.983113][ T5109] loop0: detected capacity change from 0 to 512
[ 44.992393][ T5109] EXT4-fs: Ignoring removed oldalloc option
[ 44.999022][ T5109] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 45.009851][ T5109] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 45.019639][ T5109] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5109] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5109] chdir("./file0") = 0
[pid 5109] ioctl(4, LOOP_CLR_FD) = 0
[pid 5109] close(4) = 0
[pid 5109] exit_group(0) = ?
[pid 5109] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./16/binderfs") = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./16") = 0
mkdir("./17", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5111
./strace-static-x86_64: Process 5111 attached
[pid 5111] chdir("./17") = 0
[pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5111] setpgid(0, 0) = 0
[pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5111] write(3, "1000", 4) = 4
[pid 5111] close(3) = 0
[pid 5111] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5111] memfd_create("syzkaller", 0) = 3
[pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5111] munmap(0x7fa925b50000, 262144) = 0
[pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 45.049453][ T5109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 45.075888][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5111] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5111] close(3) = 0
[pid 5111] mkdir("./file0", 0777) = 0
[ 45.107171][ T5111] loop0: detected capacity change from 0 to 512
[ 45.116331][ T5111] EXT4-fs: Ignoring removed oldalloc option
[ 45.123454][ T5111] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 45.133928][ T5111] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 45.143537][ T5111] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5111] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5111] chdir("./file0") = 0
[pid 5111] ioctl(4, LOOP_CLR_FD) = 0
[pid 5111] close(4) = 0
[pid 5111] exit_group(0) = ?
[pid 5111] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./17/binderfs") = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./17") = 0
mkdir("./18", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5113
./strace-static-x86_64: Process 5113 attached
[pid 5113] chdir("./18") = 0
[pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5113] setpgid(0, 0) = 0
[pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5113] write(3, "1000", 4) = 4
[pid 5113] close(3) = 0
[pid 5113] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5113] memfd_create("syzkaller", 0) = 3
[pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5113] munmap(0x7fa925b50000, 262144) = 0
[pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 45.169496][ T5111] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 45.202008][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5113] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5113] close(3) = 0
[pid 5113] mkdir("./file0", 0777) = 0
[ 45.235597][ T5113] loop0: detected capacity change from 0 to 512
[ 45.244376][ T5113] EXT4-fs: Ignoring removed oldalloc option
[ 45.251015][ T5113] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 45.260922][ T5113] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 45.270534][ T5113] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5113] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5113] chdir("./file0") = 0
[pid 5113] ioctl(4, LOOP_CLR_FD) = 0
[pid 5113] close(4) = 0
[pid 5113] exit_group(0) = ?
[pid 5113] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./18/binderfs") = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./18") = 0
mkdir("./19", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5115 attached
, child_tidptr=0x555555bf85d0) = 5115
[pid 5115] chdir("./19") = 0
[pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5115] setpgid(0, 0) = 0
[pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5115] write(3, "1000", 4) = 4
[pid 5115] close(3) = 0
[pid 5115] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5115] memfd_create("syzkaller", 0) = 3
[pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5115] munmap(0x7fa925b50000, 262144) = 0
[pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 45.299472][ T5113] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 45.318258][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5115] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5115] close(3) = 0
[pid 5115] mkdir("./file0", 0777) = 0
[ 45.364578][ T5115] loop0: detected capacity change from 0 to 512
[ 45.373047][ T5115] EXT4-fs: Ignoring removed oldalloc option
[ 45.380472][ T5115] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 45.391028][ T5115] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 45.400700][ T5115] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5115] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5115] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5115] chdir("./file0") = 0
[pid 5115] ioctl(4, LOOP_CLR_FD) = 0
[pid 5115] close(4) = 0
[pid 5115] exit_group(0) = ?
[pid 5115] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./19/binderfs") = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./19") = 0
mkdir("./20", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5117 attached
, child_tidptr=0x555555bf85d0) = 5117
[pid 5117] chdir("./20") = 0
[pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5117] setpgid(0, 0) = 0
[pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5117] write(3, "1000", 4) = 4
[pid 5117] close(3) = 0
[pid 5117] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5117] memfd_create("syzkaller", 0) = 3
[pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5117] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5117] munmap(0x7fa925b50000, 262144) = 0
[pid 5117] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 45.429567][ T5115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 45.463134][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5117] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5117] close(3) = 0
[pid 5117] mkdir("./file0", 0777) = 0
[ 45.507613][ T5117] loop0: detected capacity change from 0 to 512
[ 45.517594][ T5117] EXT4-fs: Ignoring removed oldalloc option
[ 45.524561][ T5117] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 45.534700][ T5117] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 45.543923][ T5117] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5117] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5117] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5117] chdir("./file0") = 0
[pid 5117] ioctl(4, LOOP_CLR_FD) = 0
[pid 5117] close(4) = 0
[pid 5117] exit_group(0) = ?
[pid 5117] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./20/binderfs") = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./20") = 0
mkdir("./21", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5119 attached
, child_tidptr=0x555555bf85d0) = 5119
[pid 5119] chdir("./21") = 0
[pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5119] setpgid(0, 0) = 0
[pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5119] write(3, "1000", 4) = 4
[pid 5119] close(3) = 0
[pid 5119] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5119] memfd_create("syzkaller", 0) = 3
[pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5119] munmap(0x7fa925b50000, 262144) = 0
[pid 5119] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 45.569614][ T5117] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 45.599360][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5119] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5119] close(3) = 0
[pid 5119] mkdir("./file0", 0777) = 0
[ 45.647139][ T5119] loop0: detected capacity change from 0 to 512
[ 45.656068][ T5119] EXT4-fs: Ignoring removed oldalloc option
[ 45.662772][ T5119] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 45.672864][ T5119] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 45.682652][ T5119] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5119] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5119] chdir("./file0") = 0
[pid 5119] ioctl(4, LOOP_CLR_FD) = 0
[pid 5119] close(4) = 0
[pid 5119] exit_group(0) = ?
[pid 5119] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./21/binderfs") = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./21") = 0
mkdir("./22", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5121 attached
, child_tidptr=0x555555bf85d0) = 5121
[pid 5121] chdir("./22") = 0
[pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5121] setpgid(0, 0) = 0
[pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5121] write(3, "1000", 4) = 4
[pid 5121] close(3) = 0
[pid 5121] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5121] memfd_create("syzkaller", 0) = 3
[pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5121] munmap(0x7fa925b50000, 262144) = 0
[pid 5121] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 45.709439][ T5119] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 45.741752][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5121] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5121] close(3) = 0
[pid 5121] mkdir("./file0", 0777) = 0
[ 45.782311][ T5121] loop0: detected capacity change from 0 to 512
[ 45.791109][ T5121] EXT4-fs: Ignoring removed oldalloc option
[ 45.797832][ T5121] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 45.808183][ T5121] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 45.817873][ T5121] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5121] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5121] chdir("./file0") = 0
[pid 5121] ioctl(4, LOOP_CLR_FD) = 0
[pid 5121] close(4) = 0
[pid 5121] exit_group(0) = ?
[pid 5121] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./22/binderfs") = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./22") = 0
mkdir("./23", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5123
./strace-static-x86_64: Process 5123 attached
[pid 5123] chdir("./23") = 0
[pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5123] setpgid(0, 0) = 0
[pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5123] write(3, "1000", 4) = 4
[pid 5123] close(3) = 0
[pid 5123] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5123] memfd_create("syzkaller", 0) = 3
[pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 45.849416][ T5121] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 45.881990][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5123] munmap(0x7fa925b50000, 262144) = 0
[pid 5123] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5123] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5123] close(3) = 0
[pid 5123] mkdir("./file0", 0777) = 0
[ 45.932139][ T5123] loop0: detected capacity change from 0 to 512
[ 45.941379][ T5123] EXT4-fs: Ignoring removed oldalloc option
[ 45.947841][ T5123] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 45.957712][ T5123] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 45.967513][ T5123] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5123] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5123] chdir("./file0") = 0
[pid 5123] ioctl(4, LOOP_CLR_FD) = 0
[pid 5123] close(4) = 0
[pid 5123] exit_group(0) = ?
[pid 5123] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./23/binderfs") = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./23") = 0
mkdir("./24", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5125
./strace-static-x86_64: Process 5125 attached
[pid 5125] chdir("./24") = 0
[pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5125] setpgid(0, 0) = 0
[pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5125] write(3, "1000", 4) = 4
[pid 5125] close(3) = 0
[pid 5125] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5125] memfd_create("syzkaller", 0) = 3
[pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5125] munmap(0x7fa925b50000, 262144) = 0
[pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 45.999421][ T5123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 46.028978][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5125] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5125] close(3) = 0
[pid 5125] mkdir("./file0", 0777) = 0
[ 46.072500][ T5125] loop0: detected capacity change from 0 to 512
[ 46.081384][ T5125] EXT4-fs: Ignoring removed oldalloc option
[ 46.087995][ T5125] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 46.097861][ T5125] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 46.107404][ T5125] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5125] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5125] chdir("./file0") = 0
[pid 5125] ioctl(4, LOOP_CLR_FD) = 0
[pid 5125] close(4) = 0
[pid 5125] exit_group(0) = ?
[pid 5125] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./24/binderfs") = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./24") = 0
mkdir("./25", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5127
./strace-static-x86_64: Process 5127 attached
[pid 5127] chdir("./25") = 0
[pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5127] setpgid(0, 0) = 0
[pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5127] write(3, "1000", 4) = 4
[pid 5127] close(3) = 0
[pid 5127] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5127] memfd_create("syzkaller", 0) = 3
[pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5127] munmap(0x7fa925b50000, 262144) = 0
[pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 46.119731][ T5125] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 46.149947][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5127] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5127] close(3) = 0
[pid 5127] mkdir("./file0", 0777) = 0
[ 46.190940][ T5127] loop0: detected capacity change from 0 to 512
[ 46.200057][ T5127] EXT4-fs: Ignoring removed oldalloc option
[ 46.206582][ T5127] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 46.217379][ T5127] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 46.226903][ T5127] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5127] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5127] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5127] chdir("./file0") = 0
[pid 5127] ioctl(4, LOOP_CLR_FD) = 0
[pid 5127] close(4) = 0
[pid 5127] exit_group(0) = ?
[pid 5127] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./25/binderfs") = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./25/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./25") = 0
mkdir("./26", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5129 attached
, child_tidptr=0x555555bf85d0) = 5129
[pid 5129] chdir("./26") = 0
[pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5129] setpgid(0, 0) = 0
[pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5129] write(3, "1000", 4) = 4
[pid 5129] close(3) = 0
[pid 5129] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5129] memfd_create("syzkaller", 0) = 3
[pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5129] munmap(0x7fa925b50000, 262144) = 0
[pid 5129] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 46.239834][ T5127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 46.271718][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5129] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5129] close(3) = 0
[pid 5129] mkdir("./file0", 0777) = 0
[ 46.319452][ T5129] loop0: detected capacity change from 0 to 512
[ 46.328419][ T5129] EXT4-fs: Ignoring removed oldalloc option
[ 46.335747][ T5129] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 46.346548][ T5129] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 46.357071][ T5129] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5129] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5129] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5129] chdir("./file0") = 0
[pid 5129] ioctl(4, LOOP_CLR_FD) = 0
[pid 5129] close(4) = 0
[pid 5129] exit_group(0) = ?
[pid 5129] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./26/binderfs") = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./26/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./26") = 0
mkdir("./27", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5131 attached
, child_tidptr=0x555555bf85d0) = 5131
[pid 5131] chdir("./27") = 0
[pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5131] setpgid(0, 0) = 0
[pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5131] write(3, "1000", 4) = 4
[pid 5131] close(3) = 0
[pid 5131] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5131] memfd_create("syzkaller", 0) = 3
[pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5131] munmap(0x7fa925b50000, 262144) = 0
[pid 5131] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 46.369388][ T5129] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 46.400939][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5131] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5131] close(3) = 0
[pid 5131] mkdir("./file0", 0777) = 0
[ 46.450378][ T5131] loop0: detected capacity change from 0 to 512
[ 46.459299][ T5131] EXT4-fs: Ignoring removed oldalloc option
[ 46.466032][ T5131] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 46.475971][ T5131] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 46.485859][ T5131] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5131] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5131] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5131] chdir("./file0") = 0
[pid 5131] ioctl(4, LOOP_CLR_FD) = 0
[pid 5131] close(4) = 0
[pid 5131] exit_group(0) = ?
[pid 5131] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./27/binderfs") = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./27/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./27") = 0
mkdir("./28", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5133
./strace-static-x86_64: Process 5133 attached
[pid 5133] chdir("./28") = 0
[pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5133] setpgid(0, 0) = 0
[pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5133] write(3, "1000", 4) = 4
[pid 5133] close(3) = 0
[pid 5133] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5133] memfd_create("syzkaller", 0) = 3
[pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5133] munmap(0x7fa925b50000, 262144) = 0
[pid 5133] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 46.509343][ T5131] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 46.529991][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5133] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5133] close(3) = 0
[pid 5133] mkdir("./file0", 0777) = 0
[ 46.560629][ T5133] loop0: detected capacity change from 0 to 512
[ 46.570457][ T5133] EXT4-fs: Ignoring removed oldalloc option
[ 46.576894][ T5133] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 46.586924][ T5133] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 46.596453][ T5133] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5133] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5133] chdir("./file0") = 0
[pid 5133] ioctl(4, LOOP_CLR_FD) = 0
[pid 5133] close(4) = 0
[pid 5133] exit_group(0) = ?
[pid 5133] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./28/binderfs") = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./28/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./28") = 0
mkdir("./29", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5135
./strace-static-x86_64: Process 5135 attached
[pid 5135] chdir("./29") = 0
[pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5135] setpgid(0, 0) = 0
[pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5135] write(3, "1000", 4) = 4
[pid 5135] close(3) = 0
[pid 5135] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5135] memfd_create("syzkaller", 0) = 3
[pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5135] munmap(0x7fa925b50000, 262144) = 0
[pid 5135] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 46.629598][ T5133] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 46.654286][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5135] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5135] close(3) = 0
[pid 5135] mkdir("./file0", 0777) = 0
[ 46.684623][ T5135] loop0: detected capacity change from 0 to 512
[ 46.693609][ T5135] EXT4-fs: Ignoring removed oldalloc option
[ 46.700320][ T5135] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 46.711242][ T5135] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 46.720919][ T5135] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5135] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5135] chdir("./file0") = 0
[pid 5135] ioctl(4, LOOP_CLR_FD) = 0
[pid 5135] close(4) = 0
[pid 5135] exit_group(0) = ?
[pid 5135] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./29/binderfs") = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./29/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./29") = 0
mkdir("./30", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5137
./strace-static-x86_64: Process 5137 attached
[pid 5137] chdir("./30") = 0
[pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5137] setpgid(0, 0) = 0
[pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5137] write(3, "1000", 4) = 4
[pid 5137] close(3) = 0
[pid 5137] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5137] memfd_create("syzkaller", 0) = 3
[pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5137] munmap(0x7fa925b50000, 262144) = 0
[pid 5137] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 46.769469][ T5135] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 46.798222][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5137] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5137] close(3) = 0
[pid 5137] mkdir("./file0", 0777) = 0
[ 46.846999][ T5137] loop0: detected capacity change from 0 to 512
[ 46.856355][ T5137] EXT4-fs: Ignoring removed oldalloc option
[ 46.863199][ T5137] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 46.873914][ T5137] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 46.883115][ T5137] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5137] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5137] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5137] chdir("./file0") = 0
[pid 5137] ioctl(4, LOOP_CLR_FD) = 0
[pid 5137] close(4) = 0
[pid 5137] exit_group(0) = ?
[pid 5137] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./30/binderfs") = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./30/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./30") = 0
mkdir("./31", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5139
./strace-static-x86_64: Process 5139 attached
[pid 5139] chdir("./31") = 0
[pid 5139] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5139] setpgid(0, 0) = 0
[pid 5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5139] write(3, "1000", 4) = 4
[pid 5139] close(3) = 0
[pid 5139] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5139] memfd_create("syzkaller", 0) = 3
[pid 5139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5139] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5139] munmap(0x7fa925b50000, 262144) = 0
[pid 5139] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 46.909436][ T5137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 46.934188][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5139] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5139] close(3) = 0
[pid 5139] mkdir("./file0", 0777) = 0
[ 46.969512][ T5139] loop0: detected capacity change from 0 to 512
[ 46.977586][ T5139] EXT4-fs: Ignoring removed oldalloc option
[ 46.984687][ T5139] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 46.994775][ T5139] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 47.004414][ T5139] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5139] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5139] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5139] chdir("./file0") = 0
[pid 5139] ioctl(4, LOOP_CLR_FD) = 0
[pid 5139] close(4) = 0
[pid 5139] exit_group(0) = ?
[pid 5139] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./31/binderfs") = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./31/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./31") = 0
mkdir("./32", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5141
./strace-static-x86_64: Process 5141 attached
[pid 5141] chdir("./32") = 0
[pid 5141] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5141] setpgid(0, 0) = 0
[pid 5141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5141] write(3, "1000", 4) = 4
[pid 5141] close(3) = 0
[pid 5141] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5141] memfd_create("syzkaller", 0) = 3
[pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[ 47.029433][ T5139] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 47.064197][ T5075] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5141] munmap(0x7fa925b50000, 262144) = 0
[pid 5141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5141] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5141] close(3) = 0
[pid 5141] mkdir("./file0", 0777) = 0
[pid 5141] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5141] chdir("./file0") = 0
[pid 5141] ioctl(4, LOOP_CLR_FD) = 0
[pid 5141] close(4) = 0
[pid 5141] exit_group(0) = ?
[pid 5141] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5141, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
[ 47.112756][ T5141] loop0: detected capacity change from 0 to 512
[ 47.121739][ T5141] EXT4-fs: Ignoring removed oldalloc option
[ 47.128371][ T5141] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 47.138736][ T5141] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 47.148999][ T5141] EXT4-fs (loop0): 1 truncate cleaned up
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./32/binderfs") = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./32/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./32") = 0
mkdir("./33", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5143
./strace-static-x86_64: Process 5143 attached
[pid 5143] chdir("./33") = 0
[pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5143] setpgid(0, 0) = 0
[pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5143] write(3, "1000", 4) = 4
[pid 5143] close(3) = 0
[pid 5143] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5143] memfd_create("syzkaller", 0) = 3
[pid 5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5143] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5143] munmap(0x7fa925b50000, 262144) = 0
[pid 5143] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5143] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5143] close(3) = 0
[pid 5143] mkdir("./file0", 0777) = 0
[ 47.223599][ T5143] loop0: detected capacity change from 0 to 512
[ 47.232520][ T5143] EXT4-fs: Ignoring removed oldalloc option
[ 47.240224][ T5143] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 47.250832][ T5143] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 47.260859][ T5143] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5143] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5143] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5143] chdir("./file0") = 0
[pid 5143] ioctl(4, LOOP_CLR_FD) = 0
[pid 5143] close(4) = 0
[pid 5143] exit_group(0) = ?
[pid 5143] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./33/binderfs") = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./33/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./33") = 0
mkdir("./34", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5145 attached
, child_tidptr=0x555555bf85d0) = 5145
[pid 5145] chdir("./34") = 0
[pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5145] setpgid(0, 0) = 0
[pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5145] write(3, "1000", 4) = 4
[pid 5145] close(3) = 0
[pid 5145] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5145] memfd_create("syzkaller", 0) = 3
[pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5145] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5145] munmap(0x7fa925b50000, 262144) = 0
[pid 5145] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5145] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5145] close(3) = 0
[pid 5145] mkdir("./file0", 0777) = 0
[ 47.383648][ T5145] loop0: detected capacity change from 0 to 512
[ 47.392939][ T5145] EXT4-fs: Ignoring removed oldalloc option
[ 47.399897][ T5145] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 47.410018][ T5145] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 47.419483][ T5145] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5145] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5145] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5145] chdir("./file0") = 0
[pid 5145] ioctl(4, LOOP_CLR_FD) = 0
[pid 5145] close(4) = 0
[pid 5145] exit_group(0) = ?
[pid 5145] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./34/binderfs") = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./34/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./34") = 0
mkdir("./35", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5147
./strace-static-x86_64: Process 5147 attached
[pid 5147] chdir("./35") = 0
[pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5147] setpgid(0, 0) = 0
[pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5147] write(3, "1000", 4) = 4
[pid 5147] close(3) = 0
[pid 5147] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5147] memfd_create("syzkaller", 0) = 3
[pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5147] munmap(0x7fa925b50000, 262144) = 0
[pid 5147] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5147] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5147] close(3) = 0
[pid 5147] mkdir("./file0", 0777) = 0
[pid 5147] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5147] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5147] chdir("./file0") = 0
[pid 5147] ioctl(4, LOOP_CLR_FD) = 0
[ 47.524121][ T5147] loop0: detected capacity change from 0 to 512
[ 47.532970][ T5147] EXT4-fs: Ignoring removed oldalloc option
[ 47.539608][ T5147] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 47.550210][ T5147] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 47.559579][ T5147] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5147] close(4) = 0
[pid 5147] exit_group(0) = ?
[pid 5147] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5147, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./35/binderfs") = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./35/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./35") = 0
mkdir("./36", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5149 attached
, child_tidptr=0x555555bf85d0) = 5149
[pid 5149] chdir("./36") = 0
[pid 5149] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5149] setpgid(0, 0) = 0
[pid 5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5149] write(3, "1000", 4) = 4
[pid 5149] close(3) = 0
[pid 5149] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5149] memfd_create("syzkaller", 0) = 3
[pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5149] munmap(0x7fa925b50000, 262144) = 0
[pid 5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5149] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5149] close(3) = 0
[pid 5149] mkdir("./file0", 0777) = 0
[pid 5149] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5149] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5149] chdir("./file0") = 0
[pid 5149] ioctl(4, LOOP_CLR_FD) = 0
[pid 5149] close(4) = 0
[ 47.657820][ T5149] loop0: detected capacity change from 0 to 512
[ 47.666536][ T5149] EXT4-fs: Ignoring removed oldalloc option
[ 47.673431][ T5149] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 47.683800][ T5149] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 47.693171][ T5149] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5149] exit_group(0) = ?
[pid 5149] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5149, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./36/binderfs") = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./36/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./36") = 0
mkdir("./37", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5151
./strace-static-x86_64: Process 5151 attached
[pid 5151] chdir("./37") = 0
[pid 5151] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5151] setpgid(0, 0) = 0
[pid 5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5151] write(3, "1000", 4) = 4
[pid 5151] close(3) = 0
[pid 5151] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5151] memfd_create("syzkaller", 0) = 3
[pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5151] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5151] munmap(0x7fa925b50000, 262144) = 0
[pid 5151] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5151] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5151] close(3) = 0
[pid 5151] mkdir("./file0", 0777) = 0
[ 47.764084][ T5151] loop0: detected capacity change from 0 to 512
[ 47.764913][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 47.772348][ T5151] EXT4-fs: Ignoring removed oldalloc option
[ 47.787401][ T5151] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 47.797903][ T5151] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 47.807554][ T5151] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5151] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5151] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5151] chdir("./file0") = 0
[pid 5151] ioctl(4, LOOP_CLR_FD) = 0
[pid 5151] close(4) = 0
[pid 5151] exit_group(0) = ?
[pid 5151] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5151, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./37/binderfs") = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./37/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./37") = 0
mkdir("./38", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5153 attached
, child_tidptr=0x555555bf85d0) = 5153
[pid 5153] chdir("./38") = 0
[pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5153] setpgid(0, 0) = 0
[pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5153] write(3, "1000", 4) = 4
[pid 5153] close(3) = 0
[pid 5153] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5153] memfd_create("syzkaller", 0) = 3
[pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5153] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5153] munmap(0x7fa925b50000, 262144) = 0
[pid 5153] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5153] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5153] close(3) = 0
[pid 5153] mkdir("./file0", 0777) = 0
[pid 5153] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5153] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5153] chdir("./file0") = 0
[pid 5153] ioctl(4, LOOP_CLR_FD) = 0
[pid 5153] close(4) = 0
[pid 5153] exit_group(0) = ?
[pid 5153] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5153, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./38/binderfs") = 0
[ 47.897511][ T5153] loop0: detected capacity change from 0 to 512
[ 47.906054][ T5153] EXT4-fs: Ignoring removed oldalloc option
[ 47.913458][ T5153] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 47.923672][ T5153] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 47.933211][ T5153] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./38/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./38") = 0
mkdir("./39", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5155
./strace-static-x86_64: Process 5155 attached
[pid 5155] chdir("./39") = 0
[pid 5155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5155] setpgid(0, 0) = 0
[pid 5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5155] write(3, "1000", 4) = 4
[pid 5155] close(3) = 0
[pid 5155] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5155] memfd_create("syzkaller", 0) = 3
[pid 5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5155] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5155] munmap(0x7fa925b50000, 262144) = 0
[pid 5155] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5155] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5155] close(3) = 0
[pid 5155] mkdir("./file0", 0777) = 0
[ 47.995349][ T5155] loop0: detected capacity change from 0 to 512
[ 47.998911][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 48.003452][ T5155] EXT4-fs: Ignoring removed oldalloc option
[ 48.018965][ T5155] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 48.030625][ T5155] EXT4-fs (loop0): orphan cleanup on readonly fs
[pid 5155] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5155] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5155] chdir("./file0") = 0
[pid 5155] ioctl(4, LOOP_CLR_FD) = 0
[pid 5155] close(4) = 0
[pid 5155] exit_group(0) = ?
[pid 5155] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5155, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./39/binderfs") = 0
[ 48.040931][ T5155] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./39/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./39") = 0
mkdir("./40", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5157 attached
<unfinished ...>
[pid 5157] chdir("./40") = 0
[pid 5157] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5157] setpgid(0, 0) = 0
[pid 5157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5157] write(3, "1000", 4) = 4
[pid 5157] close(3) = 0
[pid 5157] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5157
[pid 5157] memfd_create("syzkaller", 0) = 3
[pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5157] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5157] munmap(0x7fa925b50000, 262144) = 0
[pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5157] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5157] close(3) = 0
[pid 5157] mkdir("./file0", 0777) = 0
[pid 5157] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5157] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5157] chdir("./file0") = 0
[pid 5157] ioctl(4, LOOP_CLR_FD) = 0
[pid 5157] close(4) = 0
[pid 5157] exit_group(0) = ?
[pid 5157] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5157, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./40/binderfs") = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./40/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./40") = 0
mkdir("./41", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 48.121179][ T5157] loop0: detected capacity change from 0 to 512
[ 48.130954][ T5157] EXT4-fs: Ignoring removed oldalloc option
[ 48.137619][ T5157] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 48.147780][ T5157] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 48.157331][ T5157] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5159
./strace-static-x86_64: Process 5159 attached
[pid 5159] chdir("./41") = 0
[pid 5159] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5159] setpgid(0, 0) = 0
[pid 5159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5159] write(3, "1000", 4) = 4
[pid 5159] close(3) = 0
[pid 5159] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5159] memfd_create("syzkaller", 0) = 3
[pid 5159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5159] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5159] munmap(0x7fa925b50000, 262144) = 0
[pid 5159] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5159] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5159] close(3) = 0
[pid 5159] mkdir("./file0", 0777) = 0
[pid 5159] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5159] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5159] chdir("./file0") = 0
[pid 5159] ioctl(4, LOOP_CLR_FD) = 0
[pid 5159] close(4) = 0
[pid 5159] exit_group(0) = ?
[pid 5159] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5159, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./41/binderfs") = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./41/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./41") = 0
mkdir("./42", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5161
./strace-static-x86_64: Process 5161 attached
[pid 5161] chdir("./42") = 0
[pid 5161] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5161] setpgid(0, 0) = 0
[pid 5161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5161] write(3, "1000", 4) = 4
[pid 5161] close(3) = 0
[pid 5161] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5161] memfd_create("syzkaller", 0) = 3
[pid 5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[ 48.219209][ T5159] loop0: detected capacity change from 0 to 512
[ 48.228026][ T5159] EXT4-fs: Ignoring removed oldalloc option
[ 48.236251][ T5159] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 48.246329][ T5159] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 48.255815][ T5159] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5161] munmap(0x7fa925b50000, 262144) = 0
[pid 5161] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5161] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5161] close(3) = 0
[pid 5161] mkdir("./file0", 0777) = 0
[pid 5161] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5161] chdir("./file0") = 0
[pid 5161] ioctl(4, LOOP_CLR_FD) = 0
[pid 5161] close(4) = 0
[pid 5161] exit_group(0) = ?
[pid 5161] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5161, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./42/binderfs") = 0
[ 48.305748][ T5161] loop0: detected capacity change from 0 to 512
[ 48.314315][ T5161] EXT4-fs: Ignoring removed oldalloc option
[ 48.321001][ T5161] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 48.331818][ T5161] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 48.341563][ T5161] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./42/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./42") = 0
mkdir("./43", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5163
./strace-static-x86_64: Process 5163 attached
[pid 5163] chdir("./43") = 0
[pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5163] setpgid(0, 0) = 0
[pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5163] write(3, "1000", 4) = 4
[pid 5163] close(3) = 0
[pid 5163] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5163] memfd_create("syzkaller", 0) = 3
[pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5163] munmap(0x7fa925b50000, 262144) = 0
[pid 5163] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5163] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5163] close(3) = 0
[pid 5163] mkdir("./file0", 0777) = 0
[pid 5163] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5163] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5163] chdir("./file0") = 0
[pid 5163] ioctl(4, LOOP_CLR_FD) = 0
[pid 5163] close(4) = 0
[pid 5163] exit_group(0) = ?
[pid 5163] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 48.425884][ T5163] loop0: detected capacity change from 0 to 512
[ 48.434854][ T5163] EXT4-fs: Ignoring removed oldalloc option
[ 48.441768][ T5163] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 48.451906][ T5163] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 48.462374][ T5163] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./43/binderfs") = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./43/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./43") = 0
mkdir("./44", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5165 attached
<unfinished ...>
[pid 5165] chdir("./44") = 0
[pid 5165] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5165] setpgid(0, 0) = 0
[pid 5165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5165] write(3, "1000", 4) = 4
[pid 5165] close(3) = 0
[pid 5165] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5165] memfd_create("syzkaller", 0) = 3
[pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5165
[pid 5165] <... mmap resumed>) = 0x7fa925b50000
[pid 5165] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5165] munmap(0x7fa925b50000, 262144) = 0
[pid 5165] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5165] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5165] close(3) = 0
[pid 5165] mkdir("./file0", 0777) = 0
[pid 5165] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5165] chdir("./file0") = 0
[pid 5165] ioctl(4, LOOP_CLR_FD) = 0
[pid 5165] close(4) = 0
[pid 5165] exit_group(0) = ?
[pid 5165] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5165, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./44/binderfs") = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
[ 48.541200][ T5165] loop0: detected capacity change from 0 to 512
[ 48.549576][ T5165] EXT4-fs: Ignoring removed oldalloc option
[ 48.556419][ T5165] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 48.566677][ T5165] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 48.576794][ T5165] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./44/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./44") = 0
mkdir("./45", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5167 attached
, child_tidptr=0x555555bf85d0) = 5167
[pid 5167] chdir("./45") = 0
[pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5167] setpgid(0, 0) = 0
[pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5167] write(3, "1000", 4) = 4
[pid 5167] close(3) = 0
[pid 5167] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5167] memfd_create("syzkaller", 0) = 3
[pid 5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5167] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5167] munmap(0x7fa925b50000, 262144) = 0
[pid 5167] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5167] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5167] close(3) = 0
[pid 5167] mkdir("./file0", 0777) = 0
[pid 5167] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5167] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5167] chdir("./file0") = 0
[pid 5167] ioctl(4, LOOP_CLR_FD) = 0
[pid 5167] close(4) = 0
[pid 5167] exit_group(0) = ?
[pid 5167] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 48.646436][ T5167] loop0: detected capacity change from 0 to 512
[ 48.655557][ T5167] EXT4-fs: Ignoring removed oldalloc option
[ 48.662357][ T5167] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 48.672284][ T5167] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 48.682502][ T5167] EXT4-fs (loop0): 1 truncate cleaned up
unlink("./45/binderfs") = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./45/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./45") = 0
mkdir("./46", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5169
./strace-static-x86_64: Process 5169 attached
[pid 5169] chdir("./46") = 0
[pid 5169] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5169] setpgid(0, 0) = 0
[pid 5169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5169] write(3, "1000", 4) = 4
[pid 5169] close(3) = 0
[pid 5169] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5169] memfd_create("syzkaller", 0) = 3
[pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5169] munmap(0x7fa925b50000, 262144) = 0
[pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5169] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5169] close(3) = 0
[pid 5169] mkdir("./file0", 0777) = 0
[pid 5169] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5169] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5169] chdir("./file0") = 0
[pid 5169] ioctl(4, LOOP_CLR_FD) = 0
[pid 5169] close(4) = 0
[pid 5169] exit_group(0) = ?
[pid 5169] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5169, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./46/binderfs") = 0
[ 48.766929][ T5169] loop0: detected capacity change from 0 to 512
[ 48.774905][ T5169] EXT4-fs: Ignoring removed oldalloc option
[ 48.781442][ T5169] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 48.791987][ T5169] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 48.802196][ T5169] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./46/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./46") = 0
mkdir("./47", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5171
./strace-static-x86_64: Process 5171 attached
[pid 5171] chdir("./47") = 0
[pid 5171] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5171] setpgid(0, 0) = 0
[pid 5171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5171] write(3, "1000", 4) = 4
[pid 5171] close(3) = 0
[pid 5171] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5171] memfd_create("syzkaller", 0) = 3
[pid 5171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5171] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5171] munmap(0x7fa925b50000, 262144) = 0
[pid 5171] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5171] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5171] close(3) = 0
[pid 5171] mkdir("./file0", 0777) = 0
[pid 5171] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5171] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5171] chdir("./file0") = 0
[pid 5171] ioctl(4, LOOP_CLR_FD) = 0
[pid 5171] close(4) = 0
[pid 5171] exit_group(0) = ?
[pid 5171] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5171, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./47/binderfs") = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./47/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./47") = 0
mkdir("./48", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 48.894662][ T5171] loop0: detected capacity change from 0 to 512
[ 48.904157][ T5171] EXT4-fs: Ignoring removed oldalloc option
[ 48.910818][ T5171] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 48.920739][ T5171] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 48.931030][ T5171] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5173 attached
, child_tidptr=0x555555bf85d0) = 5173
[pid 5173] chdir("./48") = 0
[pid 5173] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5173] setpgid(0, 0) = 0
[pid 5173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5173] write(3, "1000", 4) = 4
[pid 5173] close(3) = 0
[pid 5173] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5173] memfd_create("syzkaller", 0) = 3
[pid 5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5173] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5173] munmap(0x7fa925b50000, 262144) = 0
[pid 5173] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5173] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5173] close(3) = 0
[pid 5173] mkdir("./file0", 0777) = 0
[pid 5173] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5173] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5173] chdir("./file0") = 0
[pid 5173] ioctl(4, LOOP_CLR_FD) = 0
[pid 5173] close(4) = 0
[pid 5173] exit_group(0) = ?
[pid 5173] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5173, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./48/binderfs") = 0
[ 48.988914][ T5173] loop0: detected capacity change from 0 to 512
[ 48.997341][ T5173] EXT4-fs: Ignoring removed oldalloc option
[ 49.003998][ T5173] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 49.014395][ T5173] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 49.024018][ T5173] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./48/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./48") = 0
mkdir("./49", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5175
./strace-static-x86_64: Process 5175 attached
[pid 5175] chdir("./49") = 0
[pid 5175] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5175] setpgid(0, 0) = 0
[pid 5175] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5175] write(3, "1000", 4) = 4
[pid 5175] close(3) = 0
[pid 5175] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5175] memfd_create("syzkaller", 0) = 3
[pid 5175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5175] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5175] munmap(0x7fa925b50000, 262144) = 0
[pid 5175] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5175] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5175] close(3) = 0
[pid 5175] mkdir("./file0", 0777) = 0
[ 49.126042][ T5175] loop0: detected capacity change from 0 to 512
[ 49.144663][ T5175] EXT4-fs: Ignoring removed oldalloc option
[ 49.151266][ T5175] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 49.161139][ T5175] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 49.170435][ T5175] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5175] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5175] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5175] chdir("./file0") = 0
[pid 5175] ioctl(4, LOOP_CLR_FD) = 0
[pid 5175] close(4) = 0
[pid 5175] exit_group(0) = ?
[pid 5175] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5175, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./49/binderfs") = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./49/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./49") = 0
mkdir("./50", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5177
./strace-static-x86_64: Process 5177 attached
[pid 5177] chdir("./50") = 0
[pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5177] setpgid(0, 0) = 0
[pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5177] write(3, "1000", 4) = 4
[pid 5177] close(3) = 0
[pid 5177] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5177] memfd_create("syzkaller", 0) = 3
[pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5177] munmap(0x7fa925b50000, 262144) = 0
[pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5177] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5177] close(3) = 0
[pid 5177] mkdir("./file0", 0777) = 0
[pid 5177] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5177] chdir("./file0") = 0
[pid 5177] ioctl(4, LOOP_CLR_FD) = 0
[pid 5177] close(4) = 0
[pid 5177] exit_group(0) = ?
[pid 5177] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5177, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
[ 49.255787][ T5177] loop0: detected capacity change from 0 to 512
[ 49.263933][ T5177] EXT4-fs: Ignoring removed oldalloc option
[ 49.270789][ T5177] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 49.280925][ T5177] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 49.290612][ T5177] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./50/binderfs") = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./50/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./50") = 0
mkdir("./51", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5179
./strace-static-x86_64: Process 5179 attached
[pid 5179] chdir("./51") = 0
[pid 5179] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5179] setpgid(0, 0) = 0
[pid 5179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5179] write(3, "1000", 4) = 4
[pid 5179] close(3) = 0
[pid 5179] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5179] memfd_create("syzkaller", 0) = 3
[pid 5179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5179] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5179] munmap(0x7fa925b50000, 262144) = 0
[pid 5179] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5179] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5179] close(3) = 0
[pid 5179] mkdir("./file0", 0777) = 0
[pid 5179] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5179] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5179] chdir("./file0") = 0
[pid 5179] ioctl(4, LOOP_CLR_FD) = 0
[pid 5179] close(4) = 0
[pid 5179] exit_group(0) = ?
[pid 5179] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5179, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./51/binderfs") = 0
[ 49.369413][ T5179] loop0: detected capacity change from 0 to 512
[ 49.377822][ T5179] EXT4-fs: Ignoring removed oldalloc option
[ 49.385090][ T5179] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 49.395137][ T5179] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 49.405633][ T5179] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./51/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./51") = 0
mkdir("./52", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5181
./strace-static-x86_64: Process 5181 attached
[pid 5181] chdir("./52") = 0
[pid 5181] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5181] setpgid(0, 0) = 0
[pid 5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5181] write(3, "1000", 4) = 4
[pid 5181] close(3) = 0
[pid 5181] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5181] memfd_create("syzkaller", 0) = 3
[pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5181] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5181] munmap(0x7fa925b50000, 262144) = 0
[pid 5181] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5181] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5181] close(3) = 0
[pid 5181] mkdir("./file0", 0777) = 0
[pid 5181] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5181] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5181] chdir("./file0") = 0
[pid 5181] ioctl(4, LOOP_CLR_FD) = 0
[pid 5181] close(4) = 0
[pid 5181] exit_group(0) = ?
[pid 5181] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5181, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./52/binderfs") = 0
[ 49.478923][ T5181] loop0: detected capacity change from 0 to 512
[ 49.487404][ T5181] EXT4-fs: Ignoring removed oldalloc option
[ 49.495174][ T5181] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 49.505470][ T5181] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 49.515469][ T5181] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./52/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./52") = 0
mkdir("./53", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5183 attached
, child_tidptr=0x555555bf85d0) = 5183
[pid 5183] chdir("./53") = 0
[pid 5183] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5183] setpgid(0, 0) = 0
[pid 5183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5183] write(3, "1000", 4) = 4
[pid 5183] close(3) = 0
[pid 5183] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5183] memfd_create("syzkaller", 0) = 3
[pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5183] munmap(0x7fa925b50000, 262144) = 0
[pid 5183] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5183] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5183] close(3) = 0
[pid 5183] mkdir("./file0", 0777) = 0
[pid 5183] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5183] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5183] chdir("./file0") = 0
[pid 5183] ioctl(4, LOOP_CLR_FD) = 0
[pid 5183] close(4) = 0
[pid 5183] exit_group(0) = ?
[pid 5183] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5183, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./53/binderfs") = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./53/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./53") = 0
mkdir("./54", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5185
./strace-static-x86_64: Process 5185 attached
[pid 5185] chdir("./54") = 0
[pid 5185] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5185] setpgid(0, 0) = 0
[pid 5185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5185] write(3, "1000", 4) = 4
[pid 5185] close(3) = 0
[pid 5185] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5185] memfd_create("syzkaller", 0) = 3
[pid 5185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5185] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 49.591654][ T5183] loop0: detected capacity change from 0 to 512
[ 49.600698][ T5183] EXT4-fs: Ignoring removed oldalloc option
[ 49.607236][ T5183] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 49.618025][ T5183] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 49.627581][ T5183] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5185] munmap(0x7fa925b50000, 262144) = 0
[pid 5185] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5185] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5185] close(3) = 0
[pid 5185] mkdir("./file0", 0777) = 0
[pid 5185] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5185] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5185] chdir("./file0") = 0
[pid 5185] ioctl(4, LOOP_CLR_FD) = 0
[pid 5185] close(4) = 0
[pid 5185] exit_group(0) = ?
[pid 5185] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5185, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./54/binderfs") = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./54/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./54") = 0
mkdir("./55", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 49.674905][ T5185] loop0: detected capacity change from 0 to 512
[ 49.683879][ T5185] EXT4-fs: Ignoring removed oldalloc option
[ 49.690831][ T5185] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 49.701238][ T5185] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 49.711143][ T5185] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5187 attached
<unfinished ...>
[pid 5187] chdir("./55") = 0
[pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5187] setpgid(0, 0) = 0
[pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5187
[pid 5187] <... openat resumed>) = 3
[pid 5187] write(3, "1000", 4) = 4
[pid 5187] close(3) = 0
[pid 5187] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5187] memfd_create("syzkaller", 0) = 3
[pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5187] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5187] munmap(0x7fa925b50000, 262144) = 0
[pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5187] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5187] close(3) = 0
[pid 5187] mkdir("./file0", 0777) = 0
[pid 5187] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5187] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5187] chdir("./file0") = 0
[pid 5187] ioctl(4, LOOP_CLR_FD) = 0
[pid 5187] close(4) = 0
[pid 5187] exit_group(0) = ?
[pid 5187] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./55/binderfs") = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./55/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./55") = 0
[ 49.771053][ T5187] loop0: detected capacity change from 0 to 512
[ 49.780525][ T5187] EXT4-fs: Ignoring removed oldalloc option
[ 49.787134][ T5187] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 49.797400][ T5187] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 49.807812][ T5187] EXT4-fs (loop0): 1 truncate cleaned up
mkdir("./56", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5189 attached
<unfinished ...>
[pid 5189] chdir("./56" <unfinished ...>
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5189
[pid 5189] <... chdir resumed>) = 0
[pid 5189] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5189] setpgid(0, 0) = 0
[pid 5189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5189] write(3, "1000", 4) = 4
[pid 5189] close(3) = 0
[pid 5189] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5189] memfd_create("syzkaller", 0) = 3
[pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5189] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5189] munmap(0x7fa925b50000, 262144) = 0
[pid 5189] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5189] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5189] close(3) = 0
[pid 5189] mkdir("./file0", 0777) = 0
[ 49.869014][ T5189] loop0: detected capacity change from 0 to 512
[ 49.878308][ T5189] EXT4-fs: Ignoring removed oldalloc option
[ 49.885005][ T5189] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 49.894910][ T5189] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 49.904715][ T5189]
[ 49.907057][ T5189] ======================================================
[ 49.914156][ T5189] WARNING: possible circular locking dependency detected
[ 49.921162][ T5189] 6.3.0-rc2-syzkaller-00235-g8d3c682a5e3d #0 Not tainted
[ 49.928163][ T5189] ------------------------------------------------------
[ 49.935162][ T5189] syz-executor339/5189 is trying to acquire lock:
[ 49.941552][ T5189] ffff888076d80968 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x51/0x570
[ 49.950434][ T5189]
[ 49.950434][ T5189] but task is already holding lock:
[ 49.957778][ T5189] ffff888073d43eb8 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0xd50/0x1340
[ 49.967100][ T5189]
[ 49.967100][ T5189] which lock already depends on the new lock.
[ 49.967100][ T5189]
[ 49.977488][ T5189]
[ 49.977488][ T5189] the existing dependency chain (in reverse order) is:
[ 49.986785][ T5189]
[ 49.986785][ T5189] -> #2 (&ei->i_data_sem/2){++++}-{3:3}:
[ 49.994586][ T5189] down_read+0x3d/0x50
[ 49.999254][ T5189] ext4_map_blocks+0x267/0x18d0
[ 50.004616][ T5189] ext4_getblk+0x61f/0x850
[ 50.009543][ T5189] ext4_bread+0x2e/0x190
[ 50.014326][ T5189] ext4_quota_write+0x218/0x620
[ 50.019698][ T5189] write_blk+0x12e/0x220
[ 50.024467][ T5189] get_free_dqblk+0x104/0x2f0
[ 50.029749][ T5189] do_insert_tree+0x3c5/0x12d0
[ 50.035035][ T5189] do_insert_tree+0x696/0x12d0
[ 50.040333][ T5189] do_insert_tree+0x696/0x12d0
[ 50.045606][ T5189] do_insert_tree+0x696/0x12d0
[ 50.050882][ T5189] qtree_write_dquot+0x3b4/0x570
[ 50.056349][ T5189] v2_write_dquot+0x120/0x250
[ 50.061532][ T5189] dquot_acquire+0x3d1/0x6c0
[ 50.066632][ T5189] ext4_acquire_dquot+0x2b1/0x3d0
[ 50.072175][ T5189] dqget+0x67d/0x1080
[ 50.076668][ T5189] __dquot_initialize+0x560/0xbe0
[ 50.082203][ T5189] ext4_process_orphan+0x47/0x410
[ 50.087827][ T5189] ext4_orphan_cleanup+0x6e5/0x1110
[ 50.093657][ T5189] ext4_fill_super+0x9630/0xad90
[ 50.099147][ T5189] get_tree_bdev+0x444/0x760
[ 50.104267][ T5189] vfs_get_tree+0x8d/0x350
[ 50.109196][ T5189] path_mount+0x1342/0x1e40
[ 50.114218][ T5189] __x64_sys_mount+0x283/0x300
[ 50.119658][ T5189] do_syscall_64+0x39/0xb0
[ 50.124592][ T5189] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.131005][ T5189]
[ 50.131005][ T5189] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}:
[ 50.139066][ T5189] down_read+0x3d/0x50
[ 50.143679][ T5189] v2_read_dquot+0x4d/0x120
[ 50.148694][ T5189] dquot_acquire+0x1b3/0x6c0
[ 50.153801][ T5189] ext4_acquire_dquot+0x2b1/0x3d0
[ 50.159364][ T5189] dqget+0x67d/0x1080
[ 50.163886][ T5189] __dquot_initialize+0x560/0xbe0
[ 50.169419][ T5189] ext4_process_orphan+0x47/0x410
[ 50.174950][ T5189] ext4_orphan_cleanup+0x6e5/0x1110
[ 50.180674][ T5189] ext4_fill_super+0x9630/0xad90
[ 50.186124][ T5189] get_tree_bdev+0x444/0x760
[ 50.191246][ T5189] vfs_get_tree+0x8d/0x350
[ 50.196171][ T5189] path_mount+0x1342/0x1e40
[ 50.201188][ T5189] __x64_sys_mount+0x283/0x300
[ 50.206472][ T5189] do_syscall_64+0x39/0xb0
[ 50.211419][ T5189] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.217824][ T5189]
[ 50.217824][ T5189] -> #0 (&dquot->dq_lock){+.+.}-{3:3}:
[ 50.225459][ T5189] __lock_acquire+0x2ec7/0x5d40
[ 50.230819][ T5189] lock_acquire+0x1af/0x520
[ 50.235852][ T5189] __mutex_lock+0x12f/0x1350
[ 50.241041][ T5189] dquot_commit+0x51/0x570
[ 50.245999][ T5189] ext4_write_dquot+0x25f/0x330
[ 50.251357][ T5189] ext4_mark_dquot_dirty+0x115/0x1b0
[ 50.257152][ T5189] __dquot_free_space+0x773/0xaf0
[ 50.262709][ T5189] ext4_free_blocks+0x1132/0x20d0
[ 50.268252][ T5189] ext4_ext_remove_space+0x1ec4/0x4210
[ 50.274223][ T5189] ext4_ext_truncate+0x34b/0x400
[ 50.279669][ T5189] ext4_truncate+0xdb5/0x1340
[ 50.284880][ T5189] ext4_process_orphan+0x158/0x410
[ 50.290518][ T5189] ext4_orphan_cleanup+0x6e5/0x1110
[ 50.296236][ T5189] ext4_fill_super+0x9630/0xad90
[ 50.302001][ T5189] get_tree_bdev+0x444/0x760
[ 50.307452][ T5189] vfs_get_tree+0x8d/0x350
[ 50.312378][ T5189] path_mount+0x1342/0x1e40
[ 50.317420][ T5189] __x64_sys_mount+0x283/0x300
[ 50.322704][ T5189] do_syscall_64+0x39/0xb0
[ 50.327662][ T5189] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.334067][ T5189]
[ 50.334067][ T5189] other info that might help us debug this:
[ 50.334067][ T5189]
[ 50.344629][ T5189] Chain exists of:
[ 50.344629][ T5189] &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2
[ 50.344629][ T5189]
[ 50.358255][ T5189] Possible unsafe locking scenario:
[ 50.358255][ T5189]
[ 50.365684][ T5189] CPU0 CPU1
[ 50.371030][ T5189] ---- ----
[ 50.376397][ T5189] lock(&ei->i_data_sem/2);
[ 50.380995][ T5189] lock(&s->s_dquot.dqio_sem);
[ 50.388363][ T5189] lock(&ei->i_data_sem/2);
[ 50.395490][ T5189] lock(&dquot->dq_lock);
[ 50.399917][ T5189]
[ 50.399917][ T5189] *** DEADLOCK ***
[ 50.399917][ T5189]
[ 50.408041][ T5189] 4 locks held by syz-executor339/5189:
[ 50.413569][ T5189] #0: ffff88802218e0e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x22e/0xb60
[ 50.423651][ T5189] #1: ffff888073d44030 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_process_orphan+0x109/0x410
[ 50.434593][ T5189] #2: ffff888073d43eb8 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0xd50/0x1340
[ 50.444335][ T5189] #3: ffffffff8c989aa8 (dquot_srcu){....}-{0:0}, at: __dquot_free_space+0x1a8/0xaf0
[ 50.453816][ T5189]
[ 50.453816][ T5189] stack backtrace:
[ 50.459684][ T5189] CPU: 0 PID: 5189 Comm: syz-executor339 Not tainted 6.3.0-rc2-syzkaller-00235-g8d3c682a5e3d #0
[ 50.470077][ T5189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 50.480134][ T5189] Call Trace:
[ 50.483405][ T5189] <TASK>
[ 50.486335][ T5189] dump_stack_lvl+0xd9/0x150
[ 50.490947][ T5189] check_noncircular+0x25f/0x2e0
[ 50.495893][ T5189] ? print_circular_bug+0x5c0/0x5c0
[ 50.501109][ T5189] ? print_usage_bug.part.0+0x660/0x660
[ 50.506657][ T5189] ? check_irq_usage+0x198/0x1a40
[ 50.511696][ T5189] __lock_acquire+0x2ec7/0x5d40
[ 50.516534][ T5189] ? mark_lock.part.0+0xee/0x1970
[ 50.521569][ T5189] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 50.527538][ T5189] ? check_path.constprop.0+0x24/0x50
[ 50.532896][ T5189] lock_acquire+0x1af/0x520
[ 50.537414][ T5189] ? dquot_commit+0x51/0x570
[ 50.541994][ T5189] ? lock_release+0x670/0x670
[ 50.546732][ T5189] __mutex_lock+0x12f/0x1350
[ 50.551309][ T5189] ? dquot_commit+0x51/0x570
[ 50.555891][ T5189] ? dquot_commit+0x51/0x570
[ 50.560484][ T5189] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 50.566485][ T5189] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 50.572050][ T5189] ? find_held_lock+0x2d/0x110
[ 50.576832][ T5189] dquot_commit+0x51/0x570
[ 50.581291][ T5189] ? ext4_write_dquot+0x236/0x330
[ 50.586340][ T5189] ext4_write_dquot+0x25f/0x330
[ 50.591184][ T5189] ext4_mark_dquot_dirty+0x115/0x1b0
[ 50.596472][ T5189] __dquot_free_space+0x773/0xaf0
[ 50.601526][ T5189] ? dquot_claim_space_nodirty+0x6b0/0x6b0
[ 50.607326][ T5189] ? ext4_free_blocks+0x1610/0x20d0
[ 50.612521][ T5189] ? lock_downgrade+0x690/0x690
[ 50.617363][ T5189] ext4_free_blocks+0x1132/0x20d0
[ 50.622386][ T5189] ? ext4_mb_new_blocks+0x4b20/0x4b20
[ 50.627838][ T5189] ? __ext4_journal_ensure_credits+0x264/0x2e0
[ 50.633984][ T5189] ext4_ext_remove_space+0x1ec4/0x4210
[ 50.639447][ T5189] ? ext4_ext_index_trans_blocks+0x160/0x160
[ 50.645459][ T5189] ? ext4_es_remove_extent+0x107/0x3c0
[ 50.651021][ T5189] ? ext4_es_lookup_extent+0xb60/0xb60
[ 50.656493][ T5189] ? down_write+0x14f/0x200
[ 50.661021][ T5189] ext4_ext_truncate+0x34b/0x400
[ 50.665984][ T5189] ext4_truncate+0xdb5/0x1340
[ 50.670679][ T5189] ? ext4_punch_hole+0x1140/0x1140
[ 50.675812][ T5189] ? rwsem_down_write_slowpath+0x1220/0x1220
[ 50.681785][ T5189] ? __brelse+0x88/0xa0
[ 50.685981][ T5189] ext4_process_orphan+0x158/0x410
[ 50.691092][ T5189] ext4_orphan_cleanup+0x6e5/0x1110
[ 50.696400][ T5189] ? ext4_process_orphan+0x410/0x410
[ 50.701796][ T5189] ext4_fill_super+0x9630/0xad90
[ 50.706734][ T5189] ? ext4_reconfigure+0x2b60/0x2b60
[ 50.711934][ T5189] ? snprintf+0xbf/0x100
[ 50.716349][ T5189] ? vsprintf+0x30/0x30
[ 50.720523][ T5189] ? wait_for_completion_io_timeout+0x20/0x20
[ 50.726760][ T5189] get_tree_bdev+0x444/0x760
[ 50.731343][ T5189] ? ext4_reconfigure+0x2b60/0x2b60
[ 50.736549][ T5189] vfs_get_tree+0x8d/0x350
[ 50.740992][ T5189] path_mount+0x1342/0x1e40
[ 50.745517][ T5189] ? kmem_cache_free+0xe9/0x480
[ 50.750359][ T5189] ? finish_automount+0x9b0/0x9b0
[ 50.755379][ T5189] ? putname+0x102/0x140
[ 50.759657][ T5189] __x64_sys_mount+0x283/0x300
[ 50.764454][ T5189] ? copy_mnt_ns+0xb30/0xb30
[ 50.769062][ T5189] ? lockdep_hardirqs_on+0x7d/0x100
[ 50.774258][ T5189] ? _raw_spin_unlock_irq+0x2e/0x50
[ 50.779461][ T5189] ? ptrace_notify+0xfe/0x140
[ 50.784127][ T5189] do_syscall_64+0x39/0xb0
[ 50.788539][ T5189] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.794439][ T5189] RIP: 0033:0x7fa92df9ee8a
[ 50.798861][ T5189] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.818547][ T5189] RSP: 002b:00007ffdd2f0fdb8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 50.826944][ T5189] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fa92df9ee8a
[ 50.834903][ T5189] RDX: 00000000200004c0 RSI: 00000000200000c0 RDI: 00007ffdd2f0fdc0
[ 50.842858][ T5189] RBP: 00007ffdd2f0fdc0 R08: 00007ffdd2f0fe00 R09: 00007ffdd2f0fe30
[ 50.850817][ T5189] R10: 0000000000000047 R11: 0000000000000206 R12: 0000000000000004
[ 50.858778][ T5189] R13: 0000555555bf82c0 R14: 00007ffdd2f0fe00 R15: 0000000000000000
[ 50.866763][ T5189] </TASK>
[pid 5189] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5189] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5189] chdir("./file0") = 0
[pid 5189] ioctl(4, LOOP_CLR_FD) = 0
[pid 5189] close(4) = 0
[pid 5189] exit_group(0) = ?
[pid 5189] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5189, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./56/binderfs") = 0
[ 50.871689][ T5189] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./56/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./56") = 0
mkdir("./57", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5191
./strace-static-x86_64: Process 5191 attached
[pid 5191] chdir("./57") = 0
[pid 5191] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5191] setpgid(0, 0) = 0
[pid 5191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5191] write(3, "1000", 4) = 4
[pid 5191] close(3) = 0
[pid 5191] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5191] memfd_create("syzkaller", 0) = 3
[pid 5191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5191] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5191] munmap(0x7fa925b50000, 262144) = 0
[pid 5191] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5191] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5191] close(3) = 0
[pid 5191] mkdir("./file0", 0777) = 0
[pid 5191] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5191] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5191] chdir("./file0") = 0
[pid 5191] ioctl(4, LOOP_CLR_FD) = 0
[pid 5191] close(4) = 0
[pid 5191] exit_group(0) = ?
[pid 5191] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5191, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./57/binderfs") = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./57/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./57") = 0
[ 50.931729][ T5191] loop0: detected capacity change from 0 to 512
[ 50.939456][ T5191] EXT4-fs: Ignoring removed oldalloc option
[ 50.945965][ T5191] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 50.956484][ T5191] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 50.965991][ T5191] EXT4-fs (loop0): 1 truncate cleaned up
mkdir("./58", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5193
./strace-static-x86_64: Process 5193 attached
[pid 5193] chdir("./58") = 0
[pid 5193] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5193] setpgid(0, 0) = 0
[pid 5193] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5193] write(3, "1000", 4) = 4
[pid 5193] close(3) = 0
[pid 5193] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5193] memfd_create("syzkaller", 0) = 3
[pid 5193] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5193] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5193] munmap(0x7fa925b50000, 262144) = 0
[pid 5193] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5193] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5193] close(3) = 0
[pid 5193] mkdir("./file0", 0777) = 0
[pid 5193] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5193] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5193] chdir("./file0") = 0
[pid 5193] ioctl(4, LOOP_CLR_FD) = 0
[pid 5193] close(4) = 0
[pid 5193] exit_group(0) = ?
[pid 5193] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5193, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./58/binderfs") = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 51.026544][ T5193] loop0: detected capacity change from 0 to 512
[ 51.035155][ T5193] EXT4-fs: Ignoring removed oldalloc option
[ 51.041731][ T5193] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.051758][ T5193] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.060534][ T5193] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./58/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./58") = 0
mkdir("./59", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5195 attached
<unfinished ...>
[pid 5195] chdir("./59") = 0
[pid 5195] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5195] setpgid(0, 0 <unfinished ...>
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5195
[pid 5195] <... setpgid resumed>) = 0
[pid 5195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5195] write(3, "1000", 4) = 4
[pid 5195] close(3) = 0
[pid 5195] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5195] memfd_create("syzkaller", 0) = 3
[pid 5195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5195] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5195] munmap(0x7fa925b50000, 262144) = 0
[pid 5195] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5195] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5195] close(3) = 0
[pid 5195] mkdir("./file0", 0777) = 0
[pid 5195] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5195] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5195] chdir("./file0") = 0
[pid 5195] ioctl(4, LOOP_CLR_FD) = 0
[pid 5195] close(4) = 0
[pid 5195] exit_group(0) = ?
[pid 5195] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5195, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./59/binderfs") = 0
[ 51.133359][ T5195] loop0: detected capacity change from 0 to 512
[ 51.141939][ T5195] EXT4-fs: Ignoring removed oldalloc option
[ 51.148523][ T5195] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.158229][ T5195] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.168753][ T5195] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./59/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./59") = 0
mkdir("./60", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5197
./strace-static-x86_64: Process 5197 attached
[pid 5197] chdir("./60") = 0
[pid 5197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5197] setpgid(0, 0) = 0
[pid 5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5197] write(3, "1000", 4) = 4
[pid 5197] close(3) = 0
[pid 5197] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5197] memfd_create("syzkaller", 0) = 3
[pid 5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5197] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5197] munmap(0x7fa925b50000, 262144) = 0
[pid 5197] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5197] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5197] close(3) = 0
[pid 5197] mkdir("./file0", 0777) = 0
[pid 5197] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5197] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5197] chdir("./file0") = 0
[pid 5197] ioctl(4, LOOP_CLR_FD) = 0
[pid 5197] close(4) = 0
[pid 5197] exit_group(0) = ?
[pid 5197] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5197, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./60/binderfs") = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./60/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./60") = 0
mkdir("./61", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5199
./strace-static-x86_64: Process 5199 attached
[pid 5199] chdir("./61") = 0
[pid 5199] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5199] setpgid(0, 0) = 0
[pid 5199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5199] write(3, "1000", 4) = 4
[pid 5199] close(3) = 0
[pid 5199] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5199] memfd_create("syzkaller", 0) = 3
[pid 5199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5199] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5199] munmap(0x7fa925b50000, 262144) = 0
[pid 5199] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 51.237484][ T5197] loop0: detected capacity change from 0 to 512
[ 51.245531][ T5197] EXT4-fs: Ignoring removed oldalloc option
[ 51.251990][ T5197] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.261820][ T5197] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.270745][ T5197] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5199] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5199] close(3) = 0
[pid 5199] mkdir("./file0", 0777) = 0
[pid 5199] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5199] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5199] chdir("./file0") = 0
[pid 5199] ioctl(4, LOOP_CLR_FD) = 0
[pid 5199] close(4) = 0
[pid 5199] exit_group(0) = ?
[pid 5199] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5199, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./61/binderfs") = 0
[ 51.301928][ T5199] loop0: detected capacity change from 0 to 512
[ 51.303905][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 51.309830][ T5199] EXT4-fs: Ignoring removed oldalloc option
[ 51.324393][ T5199] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.334426][ T5199] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.343172][ T5199] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./61/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./61") = 0
mkdir("./62", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5201
./strace-static-x86_64: Process 5201 attached
[pid 5201] chdir("./62") = 0
[pid 5201] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5201] setpgid(0, 0) = 0
[pid 5201] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5201] write(3, "1000", 4) = 4
[pid 5201] close(3) = 0
[pid 5201] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5201] memfd_create("syzkaller", 0) = 3
[pid 5201] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5201] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5201] munmap(0x7fa925b50000, 262144) = 0
[pid 5201] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5201] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5201] close(3) = 0
[pid 5201] mkdir("./file0", 0777) = 0
[pid 5201] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5201] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5201] chdir("./file0") = 0
[pid 5201] ioctl(4, LOOP_CLR_FD) = 0
[pid 5201] close(4) = 0
[pid 5201] exit_group(0) = ?
[pid 5201] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5201, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./62/binderfs") = 0
[ 51.407232][ T5201] loop0: detected capacity change from 0 to 512
[ 51.415371][ T5201] EXT4-fs: Ignoring removed oldalloc option
[ 51.422331][ T5201] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.431938][ T5201] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.440521][ T5201] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./62/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./62") = 0
mkdir("./63", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5203
./strace-static-x86_64: Process 5203 attached
[pid 5203] chdir("./63") = 0
[pid 5203] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5203] setpgid(0, 0) = 0
[pid 5203] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5203] write(3, "1000", 4) = 4
[pid 5203] close(3) = 0
[pid 5203] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5203] memfd_create("syzkaller", 0) = 3
[pid 5203] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5203] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5203] munmap(0x7fa925b50000, 262144) = 0
[pid 5203] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5203] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5203] close(3) = 0
[pid 5203] mkdir("./file0", 0777) = 0
[pid 5203] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5203] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5203] chdir("./file0") = 0
[pid 5203] ioctl(4, LOOP_CLR_FD) = 0
[pid 5203] close(4) = 0
[pid 5203] exit_group(0) = ?
[pid 5203] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5203, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./63/binderfs") = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
[ 51.511688][ T5203] loop0: detected capacity change from 0 to 512
[ 51.521823][ T5203] EXT4-fs: Ignoring removed oldalloc option
[ 51.528204][ T5203] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.537812][ T5203] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.546531][ T5203] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./63/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./63") = 0
mkdir("./64", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5205
./strace-static-x86_64: Process 5205 attached
[pid 5205] chdir("./64") = 0
[pid 5205] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5205] setpgid(0, 0) = 0
[pid 5205] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5205] write(3, "1000", 4) = 4
[pid 5205] close(3) = 0
[pid 5205] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5205] memfd_create("syzkaller", 0) = 3
[pid 5205] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5205] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5205] munmap(0x7fa925b50000, 262144) = 0
[pid 5205] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5205] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5205] close(3) = 0
[pid 5205] mkdir("./file0", 0777) = 0
[pid 5205] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5205] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5205] chdir("./file0") = 0
[pid 5205] ioctl(4, LOOP_CLR_FD) = 0
[pid 5205] close(4) = 0
[pid 5205] exit_group(0) = ?
[pid 5205] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5205, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./64/binderfs") = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 51.602266][ T5205] loop0: detected capacity change from 0 to 512
[ 51.609704][ T5205] EXT4-fs: Ignoring removed oldalloc option
[ 51.616227][ T5205] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.628928][ T5205] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.637643][ T5205] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./64/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./64") = 0
mkdir("./65", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5207
./strace-static-x86_64: Process 5207 attached
[pid 5207] chdir("./65") = 0
[pid 5207] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5207] setpgid(0, 0) = 0
[pid 5207] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5207] write(3, "1000", 4) = 4
[pid 5207] close(3) = 0
[pid 5207] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5207] memfd_create("syzkaller", 0) = 3
[pid 5207] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5207] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5207] munmap(0x7fa925b50000, 262144) = 0
[pid 5207] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5207] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5207] close(3) = 0
[pid 5207] mkdir("./file0", 0777) = 0
[pid 5207] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5207] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5207] chdir("./file0") = 0
[pid 5207] ioctl(4, LOOP_CLR_FD) = 0
[pid 5207] close(4) = 0
[pid 5207] exit_group(0) = ?
[pid 5207] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5207, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./65/binderfs") = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./65/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./65") = 0
[ 51.702854][ T5207] loop0: detected capacity change from 0 to 512
[ 51.711545][ T5207] EXT4-fs: Ignoring removed oldalloc option
[ 51.717886][ T5207] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.727664][ T5207] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.736887][ T5207] EXT4-fs (loop0): 1 truncate cleaned up
mkdir("./66", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5209 attached
<unfinished ...>
[pid 5209] chdir("./66") = 0
[pid 5209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5209] setpgid(0, 0) = 0
[pid 5209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5209
[pid 5209] <... openat resumed>) = 3
[pid 5209] write(3, "1000", 4) = 4
[pid 5209] close(3) = 0
[pid 5209] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5209] memfd_create("syzkaller", 0) = 3
[pid 5209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5209] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5209] munmap(0x7fa925b50000, 262144) = 0
[pid 5209] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5209] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5209] close(3) = 0
[pid 5209] mkdir("./file0", 0777) = 0
[pid 5209] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5209] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5209] chdir("./file0") = 0
[pid 5209] ioctl(4, LOOP_CLR_FD) = 0
[pid 5209] close(4) = 0
[pid 5209] exit_group(0) = ?
[pid 5209] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5209, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./66/binderfs") = 0
[ 51.795302][ T5209] loop0: detected capacity change from 0 to 512
[ 51.803169][ T5209] EXT4-fs: Ignoring removed oldalloc option
[ 51.810036][ T5209] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.819726][ T5209] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.828296][ T5209] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./66/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./66") = 0
mkdir("./67", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5211
./strace-static-x86_64: Process 5211 attached
[pid 5211] chdir("./67") = 0
[pid 5211] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5211] setpgid(0, 0) = 0
[pid 5211] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5211] write(3, "1000", 4) = 4
[pid 5211] close(3) = 0
[pid 5211] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5211] memfd_create("syzkaller", 0) = 3
[pid 5211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5211] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5211] munmap(0x7fa925b50000, 262144) = 0
[pid 5211] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5211] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5211] close(3) = 0
[pid 5211] mkdir("./file0", 0777) = 0
[pid 5211] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5211] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5211] chdir("./file0") = 0
[pid 5211] ioctl(4, LOOP_CLR_FD) = 0
[pid 5211] close(4) = 0
[pid 5211] exit_group(0) = ?
[pid 5211] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5211, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./67/binderfs") = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
[ 51.897977][ T5211] loop0: detected capacity change from 0 to 512
[ 51.905601][ T5211] EXT4-fs: Ignoring removed oldalloc option
[ 51.912520][ T5211] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 51.921950][ T5211] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 51.930802][ T5211] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./67/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./67") = 0
mkdir("./68", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5213 attached
, child_tidptr=0x555555bf85d0) = 5213
[pid 5213] chdir("./68") = 0
[pid 5213] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5213] setpgid(0, 0) = 0
[pid 5213] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5213] write(3, "1000", 4) = 4
[pid 5213] close(3) = 0
[pid 5213] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5213] memfd_create("syzkaller", 0) = 3
[pid 5213] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5213] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5213] munmap(0x7fa925b50000, 262144) = 0
[pid 5213] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5213] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5213] close(3) = 0
[pid 5213] mkdir("./file0", 0777) = 0
[pid 5213] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5213] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5213] chdir("./file0") = 0
[pid 5213] ioctl(4, LOOP_CLR_FD) = 0
[pid 5213] close(4) = 0
[pid 5213] exit_group(0) = ?
[pid 5213] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5213, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./68/binderfs") = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
[ 51.991472][ T5213] loop0: detected capacity change from 0 to 512
[ 51.999716][ T5213] EXT4-fs: Ignoring removed oldalloc option
[ 52.006190][ T5213] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.016174][ T5213] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.024932][ T5213] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./68/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./68") = 0
mkdir("./69", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5215
./strace-static-x86_64: Process 5215 attached
[pid 5215] chdir("./69") = 0
[pid 5215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5215] setpgid(0, 0) = 0
[pid 5215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5215] write(3, "1000", 4) = 4
[pid 5215] close(3) = 0
[pid 5215] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5215] memfd_create("syzkaller", 0) = 3
[pid 5215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5215] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5215] munmap(0x7fa925b50000, 262144) = 0
[pid 5215] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5215] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5215] close(3) = 0
[pid 5215] mkdir("./file0", 0777) = 0
[pid 5215] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5215] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5215] chdir("./file0") = 0
[pid 5215] ioctl(4, LOOP_CLR_FD) = 0
[pid 5215] close(4) = 0
[pid 5215] exit_group(0) = ?
[pid 5215] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5215, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./69/binderfs") = 0
[ 52.085938][ T5215] loop0: detected capacity change from 0 to 512
[ 52.093872][ T5215] EXT4-fs: Ignoring removed oldalloc option
[ 52.100340][ T5215] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.110466][ T5215] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.119217][ T5215] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./69/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./69") = 0
mkdir("./70", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5217 attached
<unfinished ...>
[pid 5217] chdir("./70" <unfinished ...>
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5217
[pid 5217] <... chdir resumed>) = 0
[pid 5217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5217] setpgid(0, 0) = 0
[pid 5217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5217] write(3, "1000", 4) = 4
[pid 5217] close(3) = 0
[pid 5217] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5217] memfd_create("syzkaller", 0) = 3
[pid 5217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5217] munmap(0x7fa925b50000, 262144) = 0
[pid 5217] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5217] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5217] close(3) = 0
[pid 5217] mkdir("./file0", 0777) = 0
[pid 5217] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5217] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5217] chdir("./file0") = 0
[pid 5217] ioctl(4, LOOP_CLR_FD) = 0
[pid 5217] close(4) = 0
[pid 5217] exit_group(0) = ?
[pid 5217] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5217, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./70/binderfs") = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./70/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
[ 52.183750][ T5217] loop0: detected capacity change from 0 to 512
[ 52.191770][ T5217] EXT4-fs: Ignoring removed oldalloc option
[ 52.198207][ T5217] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.208349][ T5217] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.217039][ T5217] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./70") = 0
mkdir("./71", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5219
./strace-static-x86_64: Process 5219 attached
[pid 5219] chdir("./71") = 0
[pid 5219] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5219] setpgid(0, 0) = 0
[pid 5219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5219] write(3, "1000", 4) = 4
[pid 5219] close(3) = 0
[pid 5219] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5219] memfd_create("syzkaller", 0) = 3
[pid 5219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5219] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5219] munmap(0x7fa925b50000, 262144) = 0
[pid 5219] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5219] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5219] close(3) = 0
[pid 5219] mkdir("./file0", 0777) = 0
[ 52.280448][ T5219] loop0: detected capacity change from 0 to 512
[ 52.288192][ T5219] EXT4-fs: Ignoring removed oldalloc option
[ 52.295127][ T5219] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.304747][ T5219] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.313425][ T5219] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5219] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5219] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5219] chdir("./file0") = 0
[pid 5219] ioctl(4, LOOP_CLR_FD) = 0
[pid 5219] close(4) = 0
[pid 5219] exit_group(0) = ?
[pid 5219] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5219, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./71/binderfs") = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./71/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./71") = 0
mkdir("./72", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5221
./strace-static-x86_64: Process 5221 attached
[pid 5221] chdir("./72") = 0
[pid 5221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5221] setpgid(0, 0) = 0
[pid 5221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5221] write(3, "1000", 4) = 4
[pid 5221] close(3) = 0
[pid 5221] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5221] memfd_create("syzkaller", 0) = 3
[pid 5221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5221] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5221] munmap(0x7fa925b50000, 262144) = 0
[pid 5221] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5221] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5221] close(3) = 0
[pid 5221] mkdir("./file0", 0777) = 0
[pid 5221] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5221] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5221] chdir("./file0") = 0
[pid 5221] ioctl(4, LOOP_CLR_FD) = 0
[pid 5221] close(4) = 0
[pid 5221] exit_group(0) = ?
[pid 5221] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5221, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./72/binderfs") = 0
[ 52.409950][ T5221] loop0: detected capacity change from 0 to 512
[ 52.418636][ T5221] EXT4-fs: Ignoring removed oldalloc option
[ 52.425735][ T5221] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.435380][ T5221] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.443828][ T5221] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./72/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./72") = 0
mkdir("./73", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5223 attached
, child_tidptr=0x555555bf85d0) = 5223
[pid 5223] chdir("./73") = 0
[pid 5223] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5223] setpgid(0, 0) = 0
[pid 5223] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5223] write(3, "1000", 4) = 4
[pid 5223] close(3) = 0
[pid 5223] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5223] memfd_create("syzkaller", 0) = 3
[pid 5223] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5223] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5223] munmap(0x7fa925b50000, 262144) = 0
[pid 5223] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5223] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5223] close(3) = 0
[pid 5223] mkdir("./file0", 0777) = 0
[pid 5223] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5223] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5223] chdir("./file0") = 0
[pid 5223] ioctl(4, LOOP_CLR_FD) = 0
[pid 5223] close(4) = 0
[pid 5223] exit_group(0) = ?
[pid 5223] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5223, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./73/binderfs") = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
[ 52.507706][ T5223] loop0: detected capacity change from 0 to 512
[ 52.516366][ T5223] EXT4-fs: Ignoring removed oldalloc option
[ 52.522922][ T5223] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.532505][ T5223] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.541369][ T5223] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./73/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./73") = 0
mkdir("./74", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5225 attached
<unfinished ...>
[pid 5225] chdir("./74") = 0
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5225
[pid 5225] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5225] setpgid(0, 0) = 0
[pid 5225] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5225] write(3, "1000", 4) = 4
[pid 5225] close(3) = 0
[pid 5225] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5225] memfd_create("syzkaller", 0) = 3
[pid 5225] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5225] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5225] munmap(0x7fa925b50000, 262144) = 0
[pid 5225] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5225] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5225] close(3) = 0
[pid 5225] mkdir("./file0", 0777) = 0
[pid 5225] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5225] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5225] chdir("./file0") = 0
[pid 5225] ioctl(4, LOOP_CLR_FD) = 0
[pid 5225] close(4) = 0
[pid 5225] exit_group(0) = ?
[pid 5225] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5225, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./74/binderfs") = 0
umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./74/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
[ 52.602761][ T5225] loop0: detected capacity change from 0 to 512
[ 52.610892][ T5225] EXT4-fs: Ignoring removed oldalloc option
[ 52.617266][ T5225] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.627349][ T5225] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.635859][ T5225] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./74") = 0
mkdir("./75", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5227 attached
<unfinished ...>
[pid 5227] chdir("./75") = 0
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5227
[pid 5227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5227] setpgid(0, 0) = 0
[pid 5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5227] write(3, "1000", 4) = 4
[pid 5227] close(3) = 0
[pid 5227] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5227] memfd_create("syzkaller", 0) = 3
[pid 5227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5227] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5227] munmap(0x7fa925b50000, 262144) = 0
[pid 5227] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5227] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5227] close(3) = 0
[pid 5227] mkdir("./file0", 0777) = 0
[ 52.695877][ T5227] loop0: detected capacity change from 0 to 512
[ 52.704146][ T5227] EXT4-fs: Ignoring removed oldalloc option
[ 52.710926][ T5227] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.721070][ T5227] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.729757][ T5227] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5227] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5227] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5227] chdir("./file0") = 0
[pid 5227] ioctl(4, LOOP_CLR_FD) = 0
[pid 5227] close(4) = 0
[pid 5227] exit_group(0) = ?
[pid 5227] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5227, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./75/binderfs") = 0
umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./75/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./75") = 0
mkdir("./76", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5229
./strace-static-x86_64: Process 5229 attached
[pid 5229] chdir("./76") = 0
[pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5229] setpgid(0, 0) = 0
[pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5229] write(3, "1000", 4) = 4
[pid 5229] close(3) = 0
[pid 5229] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5229] memfd_create("syzkaller", 0) = 3
[pid 5229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5229] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5229] munmap(0x7fa925b50000, 262144) = 0
[pid 5229] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5229] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5229] close(3) = 0
[pid 5229] mkdir("./file0", 0777) = 0
[pid 5229] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5229] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5229] chdir("./file0") = 0
[pid 5229] ioctl(4, LOOP_CLR_FD) = 0
[pid 5229] close(4) = 0
[pid 5229] exit_group(0) = ?
[ 52.806083][ T5229] loop0: detected capacity change from 0 to 512
[ 52.808900][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 52.823508][ T5229] EXT4-fs: Ignoring removed oldalloc option
[ 52.830171][ T5229] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.840299][ T5229] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.849109][ T5229] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5229] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5229, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./76/binderfs") = 0
umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./76/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./76") = 0
mkdir("./77", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5231 attached
, child_tidptr=0x555555bf85d0) = 5231
[pid 5231] chdir("./77") = 0
[pid 5231] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5231] setpgid(0, 0) = 0
[pid 5231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5231] write(3, "1000", 4) = 4
[pid 5231] close(3) = 0
[pid 5231] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5231] memfd_create("syzkaller", 0) = 3
[pid 5231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5231] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5231] munmap(0x7fa925b50000, 262144) = 0
[pid 5231] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5231] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5231] close(3) = 0
[pid 5231] mkdir("./file0", 0777) = 0
[pid 5231] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5231] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5231] chdir("./file0") = 0
[pid 5231] ioctl(4, LOOP_CLR_FD) = 0
[pid 5231] close(4) = 0
[pid 5231] exit_group(0) = ?
[pid 5231] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5231, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./77/binderfs") = 0
[ 52.914469][ T5231] loop0: detected capacity change from 0 to 512
[ 52.922797][ T5231] EXT4-fs: Ignoring removed oldalloc option
[ 52.929083][ T5231] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 52.938981][ T5231] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 52.948084][ T5231] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./77/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./77") = 0
mkdir("./78", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5233
./strace-static-x86_64: Process 5233 attached
[pid 5233] chdir("./78") = 0
[pid 5233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5233] setpgid(0, 0) = 0
[pid 5233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5233] write(3, "1000", 4) = 4
[pid 5233] close(3) = 0
[pid 5233] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5233] memfd_create("syzkaller", 0) = 3
[pid 5233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5233] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5233] munmap(0x7fa925b50000, 262144) = 0
[pid 5233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5233] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5233] close(3) = 0
[pid 5233] mkdir("./file0", 0777) = 0
[pid 5233] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5233] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5233] chdir("./file0") = 0
[pid 5233] ioctl(4, LOOP_CLR_FD) = 0
[pid 5233] close(4) = 0
[pid 5233] exit_group(0) = ?
[pid 5233] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5233, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./78/binderfs") = 0
umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./78/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
[ 53.021361][ T5233] loop0: detected capacity change from 0 to 512
[ 53.029789][ T5233] EXT4-fs: Ignoring removed oldalloc option
[ 53.036334][ T5233] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.047106][ T5233] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.056055][ T5233] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./78/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./78") = 0
mkdir("./79", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5235 attached
, child_tidptr=0x555555bf85d0) = 5235
[pid 5235] chdir("./79") = 0
[pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5235] setpgid(0, 0) = 0
[pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5235] write(3, "1000", 4) = 4
[pid 5235] close(3) = 0
[pid 5235] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5235] memfd_create("syzkaller", 0) = 3
[pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5235] munmap(0x7fa925b50000, 262144) = 0
[pid 5235] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5235] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5235] close(3) = 0
[pid 5235] mkdir("./file0", 0777) = 0
[pid 5235] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5235] chdir("./file0") = 0
[pid 5235] ioctl(4, LOOP_CLR_FD) = 0
[pid 5235] close(4) = 0
[pid 5235] exit_group(0) = ?
[pid 5235] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5235, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./79/binderfs") = 0
umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 53.113669][ T5235] loop0: detected capacity change from 0 to 512
[ 53.121629][ T5235] EXT4-fs: Ignoring removed oldalloc option
[ 53.128137][ T5235] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.138481][ T5235] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.147014][ T5235] EXT4-fs (loop0): 1 truncate cleaned up
openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./79/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./79") = 0
mkdir("./80", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5237 attached
<unfinished ...>
[pid 5237] chdir("./80") = 0
[pid 5237] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5237] setpgid(0, 0) = 0
[pid 5237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5237] write(3, "1000", 4) = 4
[pid 5237] close(3) = 0
[pid 5237] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5237] memfd_create("syzkaller", 0) = 3
[pid 5237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5237
[pid 5237] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5237] munmap(0x7fa925b50000, 262144) = 0
[pid 5237] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5237] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5237] close(3) = 0
[pid 5237] mkdir("./file0", 0777) = 0
[pid 5237] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5237] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5237] chdir("./file0") = 0
[pid 5237] ioctl(4, LOOP_CLR_FD) = 0
[pid 5237] close(4) = 0
[pid 5237] exit_group(0) = ?
[pid 5237] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5237, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./80/binderfs") = 0
umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
[ 53.210434][ T5237] loop0: detected capacity change from 0 to 512
[ 53.218510][ T5237] EXT4-fs: Ignoring removed oldalloc option
[ 53.225118][ T5237] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.235184][ T5237] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.243801][ T5237] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./80/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./80") = 0
mkdir("./81", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5239
./strace-static-x86_64: Process 5239 attached
[pid 5239] chdir("./81") = 0
[pid 5239] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5239] setpgid(0, 0) = 0
[pid 5239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5239] write(3, "1000", 4) = 4
[pid 5239] close(3) = 0
[pid 5239] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5239] memfd_create("syzkaller", 0) = 3
[pid 5239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5239] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5239] munmap(0x7fa925b50000, 262144) = 0
[pid 5239] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5239] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5239] close(3) = 0
[pid 5239] mkdir("./file0", 0777) = 0
[pid 5239] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5239] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5239] chdir("./file0") = 0
[pid 5239] ioctl(4, LOOP_CLR_FD) = 0
[pid 5239] close(4) = 0
[pid 5239] exit_group(0) = ?
[pid 5239] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5239, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./81/binderfs") = 0
umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
[ 53.305562][ T5239] loop0: detected capacity change from 0 to 512
[ 53.314026][ T5239] EXT4-fs: Ignoring removed oldalloc option
[ 53.320765][ T5239] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.330826][ T5239] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.339474][ T5239] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./81/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./81") = 0
mkdir("./82", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5241
./strace-static-x86_64: Process 5241 attached
[pid 5241] chdir("./82") = 0
[pid 5241] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5241] setpgid(0, 0) = 0
[pid 5241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5241] write(3, "1000", 4) = 4
[pid 5241] close(3) = 0
[pid 5241] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5241] memfd_create("syzkaller", 0) = 3
[pid 5241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5241] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5241] munmap(0x7fa925b50000, 262144) = 0
[pid 5241] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5241] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5241] close(3) = 0
[pid 5241] mkdir("./file0", 0777) = 0
[pid 5241] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5241] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5241] chdir("./file0") = 0
[pid 5241] ioctl(4, LOOP_CLR_FD) = 0
[pid 5241] close(4) = 0
[pid 5241] exit_group(0) = ?
[pid 5241] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5241, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./82/binderfs") = 0
umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 53.399193][ T5241] loop0: detected capacity change from 0 to 512
[ 53.407372][ T5241] EXT4-fs: Ignoring removed oldalloc option
[ 53.413912][ T5241] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.424076][ T5241] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.432670][ T5241] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./82/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./82") = 0
mkdir("./83", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5243 attached
, child_tidptr=0x555555bf85d0) = 5243
[pid 5243] chdir("./83") = 0
[pid 5243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5243] setpgid(0, 0) = 0
[pid 5243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5243] write(3, "1000", 4) = 4
[pid 5243] close(3) = 0
[pid 5243] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5243] memfd_create("syzkaller", 0) = 3
[pid 5243] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5243] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5243] munmap(0x7fa925b50000, 262144) = 0
[pid 5243] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5243] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5243] close(3) = 0
[pid 5243] mkdir("./file0", 0777) = 0
[pid 5243] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5243] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5243] chdir("./file0") = 0
[pid 5243] ioctl(4, LOOP_CLR_FD) = 0
[pid 5243] close(4) = 0
[pid 5243] exit_group(0) = ?
[pid 5243] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5243, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./83/binderfs") = 0
umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./83/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./83") = 0
[ 53.498327][ T5243] loop0: detected capacity change from 0 to 512
[ 53.506482][ T5243] EXT4-fs: Ignoring removed oldalloc option
[ 53.513170][ T5243] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.523491][ T5243] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.532028][ T5243] EXT4-fs (loop0): 1 truncate cleaned up
mkdir("./84", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5245
./strace-static-x86_64: Process 5245 attached
[pid 5245] chdir("./84") = 0
[pid 5245] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5245] setpgid(0, 0) = 0
[pid 5245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5245] write(3, "1000", 4) = 4
[pid 5245] close(3) = 0
[pid 5245] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5245] memfd_create("syzkaller", 0) = 3
[pid 5245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5245] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5245] munmap(0x7fa925b50000, 262144) = 0
[pid 5245] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5245] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5245] close(3) = 0
[pid 5245] mkdir("./file0", 0777) = 0
[pid 5245] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5245] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5245] chdir("./file0") = 0
[pid 5245] ioctl(4, LOOP_CLR_FD) = 0
[pid 5245] close(4) = 0
[pid 5245] exit_group(0) = ?
[pid 5245] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5245, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./84/binderfs") = 0
umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 53.589462][ T5245] loop0: detected capacity change from 0 to 512
[ 53.597069][ T5245] EXT4-fs: Ignoring removed oldalloc option
[ 53.603737][ T5245] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.613953][ T5245] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.622828][ T5245] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./84/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./84") = 0
mkdir("./85", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5247 attached
, child_tidptr=0x555555bf85d0) = 5247
[pid 5247] chdir("./85") = 0
[pid 5247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5247] setpgid(0, 0) = 0
[pid 5247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5247] write(3, "1000", 4) = 4
[pid 5247] close(3) = 0
[pid 5247] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5247] memfd_create("syzkaller", 0) = 3
[pid 5247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5247] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5247] munmap(0x7fa925b50000, 262144) = 0
[pid 5247] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5247] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5247] close(3) = 0
[pid 5247] mkdir("./file0", 0777) = 0
[pid 5247] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5247] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5247] chdir("./file0") = 0
[pid 5247] ioctl(4, LOOP_CLR_FD) = 0
[pid 5247] close(4) = 0
[pid 5247] exit_group(0) = ?
[pid 5247] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5247, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./85/binderfs") = 0
[ 53.685430][ T5247] loop0: detected capacity change from 0 to 512
[ 53.693063][ T5247] EXT4-fs: Ignoring removed oldalloc option
[ 53.699720][ T5247] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.709100][ T5247] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.717744][ T5247] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./85/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./85") = 0
mkdir("./86", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5249
./strace-static-x86_64: Process 5249 attached
[pid 5249] chdir("./86") = 0
[pid 5249] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5249] setpgid(0, 0) = 0
[pid 5249] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5249] write(3, "1000", 4) = 4
[pid 5249] close(3) = 0
[pid 5249] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5249] memfd_create("syzkaller", 0) = 3
[pid 5249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5249] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5249] munmap(0x7fa925b50000, 262144) = 0
[pid 5249] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5249] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5249] close(3) = 0
[pid 5249] mkdir("./file0", 0777) = 0
[pid 5249] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5249] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5249] chdir("./file0") = 0
[pid 5249] ioctl(4, LOOP_CLR_FD) = 0
[pid 5249] close(4) = 0
[pid 5249] exit_group(0) = ?
[pid 5249] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5249, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./86/binderfs") = 0
umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
[ 53.790210][ T5249] loop0: detected capacity change from 0 to 512
[ 53.797480][ T5249] EXT4-fs: Ignoring removed oldalloc option
[ 53.804261][ T5249] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.813877][ T5249] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.822518][ T5249] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./86/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./86") = 0
mkdir("./87", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5251
./strace-static-x86_64: Process 5251 attached
[pid 5251] chdir("./87") = 0
[pid 5251] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5251] setpgid(0, 0) = 0
[pid 5251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5251] write(3, "1000", 4) = 4
[pid 5251] close(3) = 0
[pid 5251] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5251] memfd_create("syzkaller", 0) = 3
[pid 5251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5251] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5251] munmap(0x7fa925b50000, 262144) = 0
[pid 5251] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5251] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5251] close(3) = 0
[pid 5251] mkdir("./file0", 0777) = 0
[pid 5251] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5251] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5251] chdir("./file0") = 0
[pid 5251] ioctl(4, LOOP_CLR_FD) = 0
[pid 5251] close(4) = 0
[pid 5251] exit_group(0) = ?
[pid 5251] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5251, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./87/binderfs") = 0
[ 53.885553][ T5251] loop0: detected capacity change from 0 to 512
[ 53.893258][ T5251] EXT4-fs: Ignoring removed oldalloc option
[ 53.900082][ T5251] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.909630][ T5251] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.918611][ T5251] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./87/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./87") = 0
mkdir("./88", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5253
./strace-static-x86_64: Process 5253 attached
[pid 5253] chdir("./88") = 0
[pid 5253] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5253] setpgid(0, 0) = 0
[pid 5253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5253] write(3, "1000", 4) = 4
[pid 5253] close(3) = 0
[pid 5253] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5253] memfd_create("syzkaller", 0) = 3
[pid 5253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5253] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5253] munmap(0x7fa925b50000, 262144) = 0
[pid 5253] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5253] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5253] close(3) = 0
[pid 5253] mkdir("./file0", 0777) = 0
[pid 5253] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5253] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5253] chdir("./file0") = 0
[pid 5253] ioctl(4, LOOP_CLR_FD) = 0
[pid 5253] close(4) = 0
[pid 5253] exit_group(0) = ?
[pid 5253] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5253, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./88/binderfs") = 0
umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 53.990550][ T5253] loop0: detected capacity change from 0 to 512
[ 53.998846][ T5253] EXT4-fs: Ignoring removed oldalloc option
[ 54.005348][ T5253] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.015672][ T5253] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.024526][ T5253] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./88/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./88") = 0
mkdir("./89", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5255 attached
, child_tidptr=0x555555bf85d0) = 5255
[pid 5255] chdir("./89") = 0
[pid 5255] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5255] setpgid(0, 0) = 0
[pid 5255] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5255] write(3, "1000", 4) = 4
[pid 5255] close(3) = 0
[pid 5255] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5255] memfd_create("syzkaller", 0) = 3
[pid 5255] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5255] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5255] munmap(0x7fa925b50000, 262144) = 0
[pid 5255] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5255] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5255] close(3) = 0
[pid 5255] mkdir("./file0", 0777) = 0
[pid 5255] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5255] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5255] chdir("./file0") = 0
[pid 5255] ioctl(4, LOOP_CLR_FD) = 0
[pid 5255] close(4) = 0
[pid 5255] exit_group(0) = ?
[pid 5255] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5255, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./89/binderfs") = 0
umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 54.087669][ T5255] loop0: detected capacity change from 0 to 512
[ 54.096291][ T5255] EXT4-fs: Ignoring removed oldalloc option
[ 54.102792][ T5255] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.112893][ T5255] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.121362][ T5255] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./89/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./89") = 0
mkdir("./90", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5257
./strace-static-x86_64: Process 5257 attached
[pid 5257] chdir("./90") = 0
[pid 5257] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5257] setpgid(0, 0) = 0
[pid 5257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5257] write(3, "1000", 4) = 4
[pid 5257] close(3) = 0
[pid 5257] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5257] memfd_create("syzkaller", 0) = 3
[pid 5257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5257] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5257] munmap(0x7fa925b50000, 262144) = 0
[pid 5257] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5257] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5257] close(3) = 0
[pid 5257] mkdir("./file0", 0777) = 0
[pid 5257] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5257] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5257] chdir("./file0") = 0
[pid 5257] ioctl(4, LOOP_CLR_FD) = 0
[pid 5257] close(4) = 0
[pid 5257] exit_group(0) = ?
[pid 5257] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5257, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./90/binderfs") = 0
umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 54.184931][ T5257] loop0: detected capacity change from 0 to 512
[ 54.193697][ T5257] EXT4-fs: Ignoring removed oldalloc option
[ 54.200247][ T5257] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.210340][ T5257] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.219325][ T5257] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./90/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./90") = 0
mkdir("./91", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5259
./strace-static-x86_64: Process 5259 attached
[pid 5259] chdir("./91") = 0
[pid 5259] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5259] setpgid(0, 0) = 0
[pid 5259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5259] write(3, "1000", 4) = 4
[pid 5259] close(3) = 0
[pid 5259] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5259] memfd_create("syzkaller", 0) = 3
[pid 5259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5259] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5259] munmap(0x7fa925b50000, 262144) = 0
[pid 5259] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5259] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5259] close(3) = 0
[pid 5259] mkdir("./file0", 0777) = 0
[pid 5259] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5259] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5259] chdir("./file0") = 0
[pid 5259] ioctl(4, LOOP_CLR_FD) = 0
[pid 5259] close(4) = 0
[pid 5259] exit_group(0) = ?
[pid 5259] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5259, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./91/binderfs") = 0
[ 54.287789][ T5259] loop0: detected capacity change from 0 to 512
[ 54.296486][ T5259] EXT4-fs: Ignoring removed oldalloc option
[ 54.302932][ T5259] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.312949][ T5259] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.321684][ T5259] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./91/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./91") = 0
mkdir("./92", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5261 attached
, child_tidptr=0x555555bf85d0) = 5261
[pid 5261] chdir("./92") = 0
[pid 5261] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5261] setpgid(0, 0) = 0
[pid 5261] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5261] write(3, "1000", 4) = 4
[pid 5261] close(3) = 0
[pid 5261] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5261] memfd_create("syzkaller", 0) = 3
[pid 5261] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5261] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5261] munmap(0x7fa925b50000, 262144) = 0
[pid 5261] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5261] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5261] close(3) = 0
[pid 5261] mkdir("./file0", 0777) = 0
[pid 5261] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5261] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5261] chdir("./file0") = 0
[pid 5261] ioctl(4, LOOP_CLR_FD) = 0
[pid 5261] close(4) = 0
[pid 5261] exit_group(0) = ?
[pid 5261] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5261, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./92/binderfs") = 0
[ 54.384693][ T5261] loop0: detected capacity change from 0 to 512
[ 54.393482][ T5261] EXT4-fs: Ignoring removed oldalloc option
[ 54.399975][ T5261] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.410293][ T5261] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.418959][ T5261] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./92/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./92") = 0
mkdir("./93", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5263 attached
<unfinished ...>
[pid 5263] chdir("./93") = 0
[pid 5263] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5263] setpgid(0, 0) = 0
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5263
[pid 5263] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5263] write(3, "1000", 4) = 4
[pid 5263] close(3) = 0
[pid 5263] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5263] memfd_create("syzkaller", 0) = 3
[pid 5263] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5263] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5263] munmap(0x7fa925b50000, 262144) = 0
[pid 5263] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5263] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5263] close(3) = 0
[pid 5263] mkdir("./file0", 0777) = 0
[pid 5263] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5263] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5263] chdir("./file0") = 0
[pid 5263] ioctl(4, LOOP_CLR_FD) = 0
[pid 5263] close(4) = 0
[pid 5263] exit_group(0) = ?
[pid 5263] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5263, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./93/binderfs") = 0
umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./93/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./93") = 0
mkdir("./94", 0777) = 0
[ 54.489760][ T5263] loop0: detected capacity change from 0 to 512
[ 54.497985][ T5263] EXT4-fs: Ignoring removed oldalloc option
[ 54.504436][ T5263] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.514097][ T5263] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.522807][ T5263] EXT4-fs (loop0): 1 truncate cleaned up
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5265
./strace-static-x86_64: Process 5265 attached
[pid 5265] chdir("./94") = 0
[pid 5265] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5265] setpgid(0, 0) = 0
[pid 5265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5265] write(3, "1000", 4) = 4
[pid 5265] close(3) = 0
[pid 5265] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5265] memfd_create("syzkaller", 0) = 3
[pid 5265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5265] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5265] munmap(0x7fa925b50000, 262144) = 0
[pid 5265] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5265] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5265] close(3) = 0
[pid 5265] mkdir("./file0", 0777) = 0
[pid 5265] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5265] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5265] chdir("./file0") = 0
[pid 5265] ioctl(4, LOOP_CLR_FD) = 0
[pid 5265] close(4) = 0
[pid 5265] exit_group(0) = ?
[pid 5265] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5265, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./94/binderfs") = 0
[ 54.584858][ T5265] loop0: detected capacity change from 0 to 512
[ 54.593925][ T5265] EXT4-fs: Ignoring removed oldalloc option
[ 54.600517][ T5265] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.610138][ T5265] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.618738][ T5265] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./94/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./94") = 0
mkdir("./95", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5267 attached
, child_tidptr=0x555555bf85d0) = 5267
[pid 5267] chdir("./95") = 0
[pid 5267] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5267] setpgid(0, 0) = 0
[pid 5267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5267] write(3, "1000", 4) = 4
[pid 5267] close(3) = 0
[pid 5267] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5267] memfd_create("syzkaller", 0) = 3
[pid 5267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5267] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5267] munmap(0x7fa925b50000, 262144) = 0
[pid 5267] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5267] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5267] close(3) = 0
[pid 5267] mkdir("./file0", 0777) = 0
[ 54.687623][ T5267] loop0: detected capacity change from 0 to 512
[ 54.695803][ T5267] EXT4-fs: Ignoring removed oldalloc option
[ 54.702476][ T5267] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.712671][ T5267] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.721742][ T5267] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5267] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5267] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5267] chdir("./file0") = 0
[pid 5267] ioctl(4, LOOP_CLR_FD) = 0
[pid 5267] close(4) = 0
[pid 5267] exit_group(0) = ?
[pid 5267] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5267, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./95/binderfs") = 0
umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./95/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./95") = 0
mkdir("./96", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5269
./strace-static-x86_64: Process 5269 attached
[pid 5269] chdir("./96") = 0
[pid 5269] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5269] setpgid(0, 0) = 0
[pid 5269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5269] write(3, "1000", 4) = 4
[pid 5269] close(3) = 0
[pid 5269] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5269] memfd_create("syzkaller", 0) = 3
[pid 5269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5269] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5269] munmap(0x7fa925b50000, 262144) = 0
[pid 5269] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5269] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5269] close(3) = 0
[pid 5269] mkdir("./file0", 0777) = 0
[pid 5269] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5269] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5269] chdir("./file0") = 0
[pid 5269] ioctl(4, LOOP_CLR_FD) = 0
[pid 5269] close(4) = 0
[pid 5269] exit_group(0) = ?
[pid 5269] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5269, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./96/binderfs") = 0
umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 54.805601][ T5269] loop0: detected capacity change from 0 to 512
[ 54.813899][ T5269] EXT4-fs: Ignoring removed oldalloc option
[ 54.820810][ T5269] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.830321][ T5269] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.838698][ T5269] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./96/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./96") = 0
mkdir("./97", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5271 attached
<unfinished ...>
[pid 5271] chdir("./97") = 0
[pid 5271] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5271] setpgid(0, 0) = 0
[pid 5271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5271] write(3, "1000", 4) = 4
[pid 5271] close(3) = 0
[pid 5271] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5271] memfd_create("syzkaller", 0) = 3
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5271
[pid 5271] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5271] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5271] munmap(0x7fa925b50000, 262144) = 0
[pid 5271] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5271] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5271] close(3) = 0
[pid 5271] mkdir("./file0", 0777) = 0
[pid 5271] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5271] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5271] chdir("./file0") = 0
[pid 5271] ioctl(4, LOOP_CLR_FD) = 0
[pid 5271] close(4) = 0
[pid 5271] exit_group(0) = ?
[pid 5271] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5271, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./97/binderfs") = 0
umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./97/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./97") = 0
mkdir("./98", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 54.903502][ T5271] loop0: detected capacity change from 0 to 512
[ 54.911206][ T5271] EXT4-fs: Ignoring removed oldalloc option
[ 54.917636][ T5271] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.927916][ T5271] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.936511][ T5271] EXT4-fs (loop0): 1 truncate cleaned up
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5273
./strace-static-x86_64: Process 5273 attached
[pid 5273] chdir("./98") = 0
[pid 5273] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5273] setpgid(0, 0) = 0
[pid 5273] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5273] write(3, "1000", 4) = 4
[pid 5273] close(3) = 0
[pid 5273] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5273] memfd_create("syzkaller", 0) = 3
[pid 5273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5273] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5273] munmap(0x7fa925b50000, 262144) = 0
[pid 5273] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5273] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5273] close(3) = 0
[pid 5273] mkdir("./file0", 0777) = 0
[pid 5273] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5273] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5273] chdir("./file0") = 0
[pid 5273] ioctl(4, LOOP_CLR_FD) = 0
[pid 5273] close(4) = 0
[pid 5273] exit_group(0) = ?
[pid 5273] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5273, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./98/binderfs") = 0
umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./98/file0") = 0
[ 54.996852][ T5273] loop0: detected capacity change from 0 to 512
[ 55.005371][ T5273] EXT4-fs: Ignoring removed oldalloc option
[ 55.012644][ T5273] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.022336][ T5273] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.030991][ T5273] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./98") = 0
mkdir("./99", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5275
./strace-static-x86_64: Process 5275 attached
[pid 5275] chdir("./99") = 0
[pid 5275] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5275] setpgid(0, 0) = 0
[pid 5275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5275] write(3, "1000", 4) = 4
[pid 5275] close(3) = 0
[pid 5275] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5275] memfd_create("syzkaller", 0) = 3
[pid 5275] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5275] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5275] munmap(0x7fa925b50000, 262144) = 0
[pid 5275] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5275] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5275] close(3) = 0
[pid 5275] mkdir("./file0", 0777) = 0
[pid 5275] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5275] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5275] chdir("./file0") = 0
[pid 5275] ioctl(4, LOOP_CLR_FD) = 0
[pid 5275] close(4) = 0
[pid 5275] exit_group(0) = ?
[pid 5275] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5275, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./99/binderfs") = 0
[ 55.093671][ T5275] loop0: detected capacity change from 0 to 512
[ 55.102445][ T5275] EXT4-fs: Ignoring removed oldalloc option
[ 55.108827][ T5275] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.118655][ T5275] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.127466][ T5275] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./99/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./99") = 0
mkdir("./100", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5277 attached
, child_tidptr=0x555555bf85d0) = 5277
[pid 5277] chdir("./100") = 0
[pid 5277] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5277] setpgid(0, 0) = 0
[pid 5277] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5277] write(3, "1000", 4) = 4
[pid 5277] close(3) = 0
[pid 5277] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5277] memfd_create("syzkaller", 0) = 3
[pid 5277] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5277] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5277] munmap(0x7fa925b50000, 262144) = 0
[pid 5277] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5277] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5277] close(3) = 0
[pid 5277] mkdir("./file0", 0777) = 0
[pid 5277] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5277] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5277] chdir("./file0") = 0
[pid 5277] ioctl(4, LOOP_CLR_FD) = 0
[pid 5277] close(4) = 0
[pid 5277] exit_group(0) = ?
[pid 5277] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5277, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./100/binderfs") = 0
umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./100/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./100") = 0
mkdir("./101", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5279
./strace-static-x86_64: Process 5279 attached
[pid 5279] chdir("./101") = 0
[pid 5279] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5279] setpgid(0, 0) = 0
[pid 5279] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5279] write(3, "1000", 4) = 4
[pid 5279] close(3) = 0
[pid 5279] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5279] memfd_create("syzkaller", 0) = 3
[pid 5279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5279] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5279] munmap(0x7fa925b50000, 262144) = 0
[pid 5279] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.197055][ T5277] loop0: detected capacity change from 0 to 512
[ 55.205121][ T5277] EXT4-fs: Ignoring removed oldalloc option
[ 55.211889][ T5277] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.221624][ T5277] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.230258][ T5277] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5279] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5279] close(3) = 0
[pid 5279] mkdir("./file0", 0777) = 0
[pid 5279] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5279] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5279] chdir("./file0") = 0
[pid 5279] ioctl(4, LOOP_CLR_FD) = 0
[pid 5279] close(4) = 0
[pid 5279] exit_group(0) = ?
[pid 5279] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5279, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./101/binderfs") = 0
umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./101/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./101") = 0
mkdir("./102", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 55.263029][ T5279] loop0: detected capacity change from 0 to 512
[ 55.270961][ T5279] EXT4-fs: Ignoring removed oldalloc option
[ 55.277223][ T5279] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.286868][ T5279] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.295695][ T5279] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5281
./strace-static-x86_64: Process 5281 attached
[pid 5281] chdir("./102") = 0
[pid 5281] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5281] setpgid(0, 0) = 0
[pid 5281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5281] write(3, "1000", 4) = 4
[pid 5281] close(3) = 0
[pid 5281] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5281] memfd_create("syzkaller", 0) = 3
[pid 5281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5281] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5281] munmap(0x7fa925b50000, 262144) = 0
[pid 5281] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5281] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5281] close(3) = 0
[pid 5281] mkdir("./file0", 0777) = 0
[pid 5281] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5281] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5281] chdir("./file0") = 0
[pid 5281] ioctl(4, LOOP_CLR_FD) = 0
[pid 5281] close(4) = 0
[pid 5281] exit_group(0) = ?
[pid 5281] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5281, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./102/binderfs") = 0
umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./102/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./102") = 0
mkdir("./103", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5283
./strace-static-x86_64: Process 5283 attached
[pid 5283] chdir("./103") = 0
[pid 5283] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5283] setpgid(0, 0) = 0
[pid 5283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5283] write(3, "1000", 4) = 4
[pid 5283] close(3) = 0
[pid 5283] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5283] memfd_create("syzkaller", 0) = 3
[pid 5283] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5283] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5283] munmap(0x7fa925b50000, 262144) = 0
[pid 5283] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.356871][ T5281] loop0: detected capacity change from 0 to 512
[ 55.364579][ T5281] EXT4-fs: Ignoring removed oldalloc option
[ 55.371501][ T5281] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.381044][ T5281] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.389789][ T5281] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5283] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5283] close(3) = 0
[pid 5283] mkdir("./file0", 0777) = 0
[pid 5283] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5283] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5283] chdir("./file0") = 0
[pid 5283] ioctl(4, LOOP_CLR_FD) = 0
[pid 5283] close(4) = 0
[pid 5283] exit_group(0) = ?
[pid 5283] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5283, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./103/binderfs") = 0
umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./103/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./103") = 0
mkdir("./104", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5285 attached
, child_tidptr=0x555555bf85d0) = 5285
[pid 5285] chdir("./104") = 0
[pid 5285] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5285] setpgid(0, 0) = 0
[pid 5285] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5285] write(3, "1000", 4) = 4
[pid 5285] close(3) = 0
[pid 5285] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5285] memfd_create("syzkaller", 0) = 3
[pid 5285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[ 55.434883][ T5283] loop0: detected capacity change from 0 to 512
[ 55.443100][ T5283] EXT4-fs: Ignoring removed oldalloc option
[ 55.450733][ T5283] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.460232][ T5283] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.468771][ T5283] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5285] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5285] munmap(0x7fa925b50000, 262144) = 0
[pid 5285] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5285] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5285] close(3) = 0
[pid 5285] mkdir("./file0", 0777) = 0
[pid 5285] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5285] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5285] chdir("./file0") = 0
[pid 5285] ioctl(4, LOOP_CLR_FD) = 0
[pid 5285] close(4) = 0
[pid 5285] exit_group(0) = ?
[pid 5285] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5285, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./104/binderfs") = 0
umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 55.518214][ T5285] loop0: detected capacity change from 0 to 512
[ 55.526708][ T5285] EXT4-fs: Ignoring removed oldalloc option
[ 55.533243][ T5285] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.543433][ T5285] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.552243][ T5285] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./104/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./104") = 0
mkdir("./105", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5287
./strace-static-x86_64: Process 5287 attached
[pid 5287] chdir("./105") = 0
[pid 5287] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5287] setpgid(0, 0) = 0
[pid 5287] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5287] write(3, "1000", 4) = 4
[pid 5287] close(3) = 0
[pid 5287] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5287] memfd_create("syzkaller", 0) = 3
[pid 5287] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5287] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5287] munmap(0x7fa925b50000, 262144) = 0
[pid 5287] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5287] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5287] close(3) = 0
[pid 5287] mkdir("./file0", 0777) = 0
[pid 5287] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5287] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5287] chdir("./file0") = 0
[pid 5287] ioctl(4, LOOP_CLR_FD) = 0
[pid 5287] close(4) = 0
[pid 5287] exit_group(0) = ?
[pid 5287] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5287, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./105/binderfs") = 0
umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
[ 55.620416][ T5287] loop0: detected capacity change from 0 to 512
[ 55.627875][ T5287] EXT4-fs: Ignoring removed oldalloc option
[ 55.634398][ T5287] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.644424][ T5287] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.652997][ T5287] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./105/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./105") = 0
mkdir("./106", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5289
./strace-static-x86_64: Process 5289 attached
[pid 5289] chdir("./106") = 0
[pid 5289] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5289] setpgid(0, 0) = 0
[pid 5289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5289] write(3, "1000", 4) = 4
[pid 5289] close(3) = 0
[pid 5289] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5289] memfd_create("syzkaller", 0) = 3
[pid 5289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5289] munmap(0x7fa925b50000, 262144) = 0
[pid 5289] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5289] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5289] close(3) = 0
[pid 5289] mkdir("./file0", 0777) = 0
[pid 5289] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5289] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5289] chdir("./file0") = 0
[pid 5289] ioctl(4, LOOP_CLR_FD) = 0
[pid 5289] close(4) = 0
[pid 5289] exit_group(0) = ?
[pid 5289] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5289, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./106/binderfs") = 0
umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
[ 55.720286][ T5289] loop0: detected capacity change from 0 to 512
[ 55.727912][ T5289] EXT4-fs: Ignoring removed oldalloc option
[ 55.734566][ T5289] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.744329][ T5289] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.752870][ T5289] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./106/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./106") = 0
mkdir("./107", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5291
./strace-static-x86_64: Process 5291 attached
[pid 5291] chdir("./107") = 0
[pid 5291] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5291] setpgid(0, 0) = 0
[pid 5291] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5291] write(3, "1000", 4) = 4
[pid 5291] close(3) = 0
[pid 5291] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5291] memfd_create("syzkaller", 0) = 3
[pid 5291] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5291] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5291] munmap(0x7fa925b50000, 262144) = 0
[pid 5291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5291] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5291] close(3) = 0
[pid 5291] mkdir("./file0", 0777) = 0
[pid 5291] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5291] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5291] chdir("./file0") = 0
[pid 5291] ioctl(4, LOOP_CLR_FD) = 0
[pid 5291] close(4) = 0
[pid 5291] exit_group(0) = ?
[pid 5291] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5291, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./107/binderfs") = 0
umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./107/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./107") = 0
mkdir("./108", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5293
./strace-static-x86_64: Process 5293 attached
[pid 5293] chdir("./108") = 0
[pid 5293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5293] setpgid(0, 0) = 0
[pid 5293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5293] write(3, "1000", 4) = 4
[pid 5293] close(3) = 0
[pid 5293] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5293] memfd_create("syzkaller", 0) = 3
[pid 5293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[ 55.816286][ T5291] loop0: detected capacity change from 0 to 512
[ 55.825593][ T5291] EXT4-fs: Ignoring removed oldalloc option
[ 55.832256][ T5291] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.841975][ T5291] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.851112][ T5291] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5293] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5293] munmap(0x7fa925b50000, 262144) = 0
[pid 5293] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5293] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5293] close(3) = 0
[pid 5293] mkdir("./file0", 0777) = 0
[pid 5293] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5293] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5293] chdir("./file0") = 0
[pid 5293] ioctl(4, LOOP_CLR_FD) = 0
[pid 5293] close(4) = 0
[pid 5293] exit_group(0) = ?
[pid 5293] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5293, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 55.898886][ T5293] loop0: detected capacity change from 0 to 512
[ 55.901497][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 55.906203][ T5293] EXT4-fs: Ignoring removed oldalloc option
[ 55.921663][ T5293] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.931203][ T5293] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.940340][ T5293] EXT4-fs (loop0): 1 truncate cleaned up
openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./108/binderfs") = 0
umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./108/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./108") = 0
mkdir("./109", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5295
./strace-static-x86_64: Process 5295 attached
[pid 5295] chdir("./109") = 0
[pid 5295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5295] setpgid(0, 0) = 0
[pid 5295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5295] write(3, "1000", 4) = 4
[pid 5295] close(3) = 0
[pid 5295] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5295] memfd_create("syzkaller", 0) = 3
[pid 5295] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5295] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5295] munmap(0x7fa925b50000, 262144) = 0
[pid 5295] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5295] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5295] close(3) = 0
[pid 5295] mkdir("./file0", 0777) = 0
[pid 5295] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5295] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5295] chdir("./file0") = 0
[pid 5295] ioctl(4, LOOP_CLR_FD) = 0
[pid 5295] close(4) = 0
[pid 5295] exit_group(0) = ?
[pid 5295] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5295, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./109/binderfs") = 0
umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 56.006547][ T5295] loop0: detected capacity change from 0 to 512
[ 56.014399][ T5295] EXT4-fs: Ignoring removed oldalloc option
[ 56.021448][ T5295] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.031265][ T5295] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.040065][ T5295] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./109/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./109") = 0
mkdir("./110", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5297 attached
<unfinished ...>
[pid 5297] chdir("./110") = 0
[pid 5297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5297] setpgid(0, 0) = 0
[pid 5297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5297
[pid 5297] write(3, "1000", 4) = 4
[pid 5297] close(3) = 0
[pid 5297] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5297] memfd_create("syzkaller", 0) = 3
[pid 5297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5297] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5297] munmap(0x7fa925b50000, 262144) = 0
[pid 5297] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5297] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5297] close(3) = 0
[pid 5297] mkdir("./file0", 0777) = 0
[pid 5297] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5297] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5297] chdir("./file0") = 0
[pid 5297] ioctl(4, LOOP_CLR_FD) = 0
[pid 5297] close(4) = 0
[pid 5297] exit_group(0) = ?
[pid 5297] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5297, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./110/binderfs") = 0
umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./110/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./110") = 0
mkdir("./111", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5299
./strace-static-x86_64: Process 5299 attached
[pid 5299] chdir("./111") = 0
[pid 5299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5299] setpgid(0, 0) = 0
[pid 5299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5299] write(3, "1000", 4) = 4
[pid 5299] close(3) = 0
[pid 5299] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5299] memfd_create("syzkaller", 0) = 3
[pid 5299] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5299] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5299] munmap(0x7fa925b50000, 262144) = 0
[pid 5299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.105083][ T5297] loop0: detected capacity change from 0 to 512
[ 56.112476][ T5297] EXT4-fs: Ignoring removed oldalloc option
[ 56.119004][ T5297] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.128914][ T5297] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.137586][ T5297] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5299] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5299] close(3) = 0
[pid 5299] mkdir("./file0", 0777) = 0
[pid 5299] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5299] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5299] chdir("./file0") = 0
[pid 5299] ioctl(4, LOOP_CLR_FD) = 0
[pid 5299] close(4) = 0
[pid 5299] exit_group(0) = ?
[pid 5299] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5299, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./111/binderfs") = 0
umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./111/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
[ 56.183032][ T5299] loop0: detected capacity change from 0 to 512
[ 56.190893][ T5299] EXT4-fs: Ignoring removed oldalloc option
[ 56.197304][ T5299] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.207557][ T5299] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.216319][ T5299] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
rmdir("./111") = 0
mkdir("./112", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5301
./strace-static-x86_64: Process 5301 attached
[pid 5301] chdir("./112") = 0
[pid 5301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5301] setpgid(0, 0) = 0
[pid 5301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5301] write(3, "1000", 4) = 4
[pid 5301] close(3) = 0
[pid 5301] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5301] memfd_create("syzkaller", 0) = 3
[pid 5301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5301] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5301] munmap(0x7fa925b50000, 262144) = 0
[pid 5301] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5301] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5301] close(3) = 0
[pid 5301] mkdir("./file0", 0777) = 0
[pid 5301] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5301] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5301] chdir("./file0") = 0
[pid 5301] ioctl(4, LOOP_CLR_FD) = 0
[pid 5301] close(4) = 0
[pid 5301] exit_group(0) = ?
[pid 5301] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5301, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./112/binderfs") = 0
umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 56.279877][ T5301] loop0: detected capacity change from 0 to 512
[ 56.287983][ T5301] EXT4-fs: Ignoring removed oldalloc option
[ 56.295028][ T5301] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.304643][ T5301] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.313576][ T5301] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./112/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./112") = 0
mkdir("./113", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5303 attached
<unfinished ...>
[pid 5303] chdir("./113") = 0
[pid 5303] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5303
[pid 5303] <... prctl resumed>) = 0
[pid 5303] setpgid(0, 0) = 0
[pid 5303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5303] write(3, "1000", 4) = 4
[pid 5303] close(3) = 0
[pid 5303] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5303] memfd_create("syzkaller", 0) = 3
[pid 5303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5303] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5303] munmap(0x7fa925b50000, 262144) = 0
[pid 5303] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5303] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5303] close(3) = 0
[pid 5303] mkdir("./file0", 0777) = 0
[pid 5303] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5303] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5303] chdir("./file0") = 0
[pid 5303] ioctl(4, LOOP_CLR_FD) = 0
[pid 5303] close(4) = 0
[pid 5303] exit_group(0) = ?
[pid 5303] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5303, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./113/binderfs") = 0
[ 56.378382][ T5303] loop0: detected capacity change from 0 to 512
[ 56.387418][ T5303] EXT4-fs: Ignoring removed oldalloc option
[ 56.394020][ T5303] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.403800][ T5303] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.412538][ T5303] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./113/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./113") = 0
mkdir("./114", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5305
./strace-static-x86_64: Process 5305 attached
[pid 5305] chdir("./114") = 0
[pid 5305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5305] setpgid(0, 0) = 0
[pid 5305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5305] write(3, "1000", 4) = 4
[pid 5305] close(3) = 0
[pid 5305] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5305] memfd_create("syzkaller", 0) = 3
[pid 5305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5305] munmap(0x7fa925b50000, 262144) = 0
[pid 5305] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5305] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5305] close(3) = 0
[pid 5305] mkdir("./file0", 0777) = 0
[pid 5305] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5305] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5305] chdir("./file0") = 0
[pid 5305] ioctl(4, LOOP_CLR_FD) = 0
[pid 5305] close(4) = 0
[pid 5305] exit_group(0) = ?
[pid 5305] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5305, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 56.482624][ T5305] loop0: detected capacity change from 0 to 512
[ 56.501443][ T5305] EXT4-fs: Ignoring removed oldalloc option
[ 56.507970][ T5305] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.517673][ T5305] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.526254][ T5305] EXT4-fs (loop0): 1 truncate cleaned up
unlink("./114/binderfs") = 0
umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./114/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./114") = 0
mkdir("./115", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5307
./strace-static-x86_64: Process 5307 attached
[pid 5307] chdir("./115") = 0
[pid 5307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5307] setpgid(0, 0) = 0
[pid 5307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5307] write(3, "1000", 4) = 4
[pid 5307] close(3) = 0
[pid 5307] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5307] memfd_create("syzkaller", 0) = 3
[pid 5307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5307] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5307] munmap(0x7fa925b50000, 262144) = 0
[pid 5307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5307] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5307] close(3) = 0
[pid 5307] mkdir("./file0", 0777) = 0
[pid 5307] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5307] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5307] chdir("./file0") = 0
[pid 5307] ioctl(4, LOOP_CLR_FD) = 0
[pid 5307] close(4) = 0
[pid 5307] exit_group(0) = ?
[pid 5307] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5307, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./115/binderfs") = 0
umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 56.587635][ T5307] loop0: detected capacity change from 0 to 512
[ 56.595537][ T5307] EXT4-fs: Ignoring removed oldalloc option
[ 56.602348][ T5307] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.611929][ T5307] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.620640][ T5307] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./115/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./115") = 0
mkdir("./116", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5309 attached
<unfinished ...>
[pid 5309] chdir("./116") = 0
[pid 5309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5309] setpgid(0, 0) = 0
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5309
[pid 5309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5309] write(3, "1000", 4) = 4
[pid 5309] close(3) = 0
[pid 5309] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5309] memfd_create("syzkaller", 0) = 3
[pid 5309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5309] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5309] munmap(0x7fa925b50000, 262144) = 0
[pid 5309] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5309] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5309] close(3) = 0
[pid 5309] mkdir("./file0", 0777) = 0
[pid 5309] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5309] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5309] chdir("./file0") = 0
[pid 5309] ioctl(4, LOOP_CLR_FD) = 0
[pid 5309] close(4) = 0
[pid 5309] exit_group(0) = ?
[pid 5309] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5309, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./116/binderfs") = 0
[ 56.694451][ T5309] loop0: detected capacity change from 0 to 512
[ 56.705038][ T5309] EXT4-fs: Ignoring removed oldalloc option
[ 56.712164][ T5309] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.721772][ T5309] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.732094][ T5309] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./116/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./116") = 0
mkdir("./117", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5311
./strace-static-x86_64: Process 5311 attached
[pid 5311] chdir("./117") = 0
[pid 5311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5311] setpgid(0, 0) = 0
[pid 5311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5311] write(3, "1000", 4) = 4
[pid 5311] close(3) = 0
[pid 5311] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5311] memfd_create("syzkaller", 0) = 3
[pid 5311] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5311] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5311] munmap(0x7fa925b50000, 262144) = 0
[pid 5311] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5311] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5311] close(3) = 0
[pid 5311] mkdir("./file0", 0777) = 0
[pid 5311] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5311] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5311] chdir("./file0") = 0
[pid 5311] ioctl(4, LOOP_CLR_FD) = 0
[pid 5311] close(4) = 0
[pid 5311] exit_group(0) = ?
[pid 5311] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5311, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./117/binderfs") = 0
umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[ 56.798830][ T5311] loop0: detected capacity change from 0 to 512
[ 56.807682][ T5311] EXT4-fs: Ignoring removed oldalloc option
[ 56.814390][ T5311] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.824314][ T5311] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.832931][ T5311] EXT4-fs (loop0): 1 truncate cleaned up
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./117/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./117") = 0
mkdir("./118", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5313 attached
, child_tidptr=0x555555bf85d0) = 5313
[pid 5313] chdir("./118") = 0
[pid 5313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5313] setpgid(0, 0) = 0
[pid 5313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5313] write(3, "1000", 4) = 4
[pid 5313] close(3) = 0
[pid 5313] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5313] memfd_create("syzkaller", 0) = 3
[pid 5313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5313] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5313] munmap(0x7fa925b50000, 262144) = 0
[pid 5313] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5313] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5313] close(3) = 0
[pid 5313] mkdir("./file0", 0777) = 0
[pid 5313] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5313] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5313] chdir("./file0") = 0
[pid 5313] ioctl(4, LOOP_CLR_FD) = 0
[pid 5313] close(4) = 0
[pid 5313] exit_group(0) = ?
[pid 5313] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5313, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./118/binderfs") = 0
umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./118/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
[ 56.900487][ T5313] loop0: detected capacity change from 0 to 512
[ 56.907994][ T5313] EXT4-fs: Ignoring removed oldalloc option
[ 56.915446][ T5313] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.925192][ T5313] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.934032][ T5313] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
rmdir("./118") = 0
mkdir("./119", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5315
./strace-static-x86_64: Process 5315 attached
[pid 5315] chdir("./119") = 0
[pid 5315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5315] setpgid(0, 0) = 0
[pid 5315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5315] write(3, "1000", 4) = 4
[pid 5315] close(3) = 0
[pid 5315] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5315] memfd_create("syzkaller", 0) = 3
[pid 5315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5315] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5315] munmap(0x7fa925b50000, 262144) = 0
[pid 5315] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5315] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5315] close(3) = 0
[pid 5315] mkdir("./file0", 0777) = 0
[pid 5315] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5315] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5315] chdir("./file0") = 0
[pid 5315] ioctl(4, LOOP_CLR_FD) = 0
[pid 5315] close(4) = 0
[pid 5315] exit_group(0) = ?
[pid 5315] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5315, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./119/binderfs") = 0
umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./119/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./119") = 0
mkdir("./120", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5317
./strace-static-x86_64: Process 5317 attached
[pid 5317] chdir("./120") = 0
[pid 5317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5317] setpgid(0, 0) = 0
[pid 5317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5317] write(3, "1000", 4) = 4
[pid 5317] close(3) = 0
[pid 5317] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5317] memfd_create("syzkaller", 0) = 3
[pid 5317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5317] munmap(0x7fa925b50000, 262144) = 0
[pid 5317] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.994285][ T5315] loop0: detected capacity change from 0 to 512
[ 57.002973][ T5315] EXT4-fs: Ignoring removed oldalloc option
[ 57.009708][ T5315] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.019700][ T5315] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.028329][ T5315] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5317] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5317] close(3) = 0
[pid 5317] mkdir("./file0", 0777) = 0
[pid 5317] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5317] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5317] chdir("./file0") = 0
[pid 5317] ioctl(4, LOOP_CLR_FD) = 0
[pid 5317] close(4) = 0
[pid 5317] exit_group(0) = ?
[pid 5317] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5317, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./120/binderfs") = 0
umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./120/file0") = 0
[ 57.062265][ T5317] loop0: detected capacity change from 0 to 512
[ 57.070631][ T5317] EXT4-fs: Ignoring removed oldalloc option
[ 57.077311][ T5317] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.087092][ T5317] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.096157][ T5317] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./120") = 0
mkdir("./121", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5319 attached
, child_tidptr=0x555555bf85d0) = 5319
[pid 5319] chdir("./121") = 0
[pid 5319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5319] setpgid(0, 0) = 0
[pid 5319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5319] write(3, "1000", 4) = 4
[pid 5319] close(3) = 0
[pid 5319] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5319] memfd_create("syzkaller", 0) = 3
[pid 5319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5319] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5319] munmap(0x7fa925b50000, 262144) = 0
[pid 5319] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5319] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5319] close(3) = 0
[pid 5319] mkdir("./file0", 0777) = 0
[pid 5319] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5319] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5319] chdir("./file0") = 0
[pid 5319] ioctl(4, LOOP_CLR_FD) = 0
[pid 5319] close(4) = 0
[pid 5319] exit_group(0) = ?
[pid 5319] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5319, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./121/binderfs") = 0
umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 57.158297][ T5319] loop0: detected capacity change from 0 to 512
[ 57.166792][ T5319] EXT4-fs: Ignoring removed oldalloc option
[ 57.173326][ T5319] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.182995][ T5319] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.191703][ T5319] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./121/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./121") = 0
mkdir("./122", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5321
./strace-static-x86_64: Process 5321 attached
[pid 5321] chdir("./122") = 0
[pid 5321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5321] setpgid(0, 0) = 0
[pid 5321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5321] write(3, "1000", 4) = 4
[pid 5321] close(3) = 0
[pid 5321] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5321] memfd_create("syzkaller", 0) = 3
[pid 5321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5321] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5321] munmap(0x7fa925b50000, 262144) = 0
[pid 5321] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5321] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5321] close(3) = 0
[pid 5321] mkdir("./file0", 0777) = 0
[pid 5321] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5321] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5321] chdir("./file0") = 0
[pid 5321] ioctl(4, LOOP_CLR_FD) = 0
[pid 5321] close(4) = 0
[pid 5321] exit_group(0) = ?
[pid 5321] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5321, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./122/binderfs") = 0
umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./122/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
[ 57.259005][ T5321] loop0: detected capacity change from 0 to 512
[ 57.267283][ T5321] EXT4-fs: Ignoring removed oldalloc option
[ 57.273864][ T5321] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.283511][ T5321] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.292389][ T5321] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./122") = 0
mkdir("./123", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5323
./strace-static-x86_64: Process 5323 attached
[pid 5323] chdir("./123") = 0
[pid 5323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5323] setpgid(0, 0) = 0
[pid 5323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5323] write(3, "1000", 4) = 4
[pid 5323] close(3) = 0
[pid 5323] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5323] memfd_create("syzkaller", 0) = 3
[pid 5323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5323] munmap(0x7fa925b50000, 262144) = 0
[pid 5323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5323] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5323] close(3) = 0
[pid 5323] mkdir("./file0", 0777) = 0
[pid 5323] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5323] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5323] chdir("./file0") = 0
[pid 5323] ioctl(4, LOOP_CLR_FD) = 0
[pid 5323] close(4) = 0
[pid 5323] exit_group(0) = ?
[pid 5323] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5323, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./123/binderfs") = 0
umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./123/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
[ 57.349983][ T5323] loop0: detected capacity change from 0 to 512
[ 57.358173][ T5323] EXT4-fs: Ignoring removed oldalloc option
[ 57.364672][ T5323] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.375011][ T5323] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.383841][ T5323] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./123") = 0
mkdir("./124", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5325 attached
, child_tidptr=0x555555bf85d0) = 5325
[pid 5325] chdir("./124") = 0
[pid 5325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5325] setpgid(0, 0) = 0
[pid 5325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5325] write(3, "1000", 4) = 4
[pid 5325] close(3) = 0
[pid 5325] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5325] memfd_create("syzkaller", 0) = 3
[pid 5325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5325] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5325] munmap(0x7fa925b50000, 262144) = 0
[pid 5325] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5325] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5325] close(3) = 0
[pid 5325] mkdir("./file0", 0777) = 0
[pid 5325] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5325] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5325] chdir("./file0") = 0
[pid 5325] ioctl(4, LOOP_CLR_FD) = 0
[pid 5325] close(4) = 0
[pid 5325] exit_group(0) = ?
[pid 5325] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5325, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./124/binderfs") = 0
[ 57.455531][ T5325] loop0: detected capacity change from 0 to 512
[ 57.463800][ T5325] EXT4-fs: Ignoring removed oldalloc option
[ 57.470328][ T5325] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.479947][ T5325] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.488482][ T5325] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./124/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./124/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./124") = 0
mkdir("./125", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5327
./strace-static-x86_64: Process 5327 attached
[pid 5327] chdir("./125") = 0
[pid 5327] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5327] setpgid(0, 0) = 0
[pid 5327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5327] write(3, "1000", 4) = 4
[pid 5327] close(3) = 0
[pid 5327] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5327] memfd_create("syzkaller", 0) = 3
[pid 5327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5327] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5327] munmap(0x7fa925b50000, 262144) = 0
[pid 5327] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5327] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5327] close(3) = 0
[pid 5327] mkdir("./file0", 0777) = 0
[pid 5327] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5327] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5327] chdir("./file0") = 0
[pid 5327] ioctl(4, LOOP_CLR_FD) = 0
[pid 5327] close(4) = 0
[pid 5327] exit_group(0) = ?
[pid 5327] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5327, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./125/binderfs") = 0
[ 57.554111][ T5327] loop0: detected capacity change from 0 to 512
[ 57.562853][ T5327] EXT4-fs: Ignoring removed oldalloc option
[ 57.569913][ T5327] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.579568][ T5327] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.588188][ T5327] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./125/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./125/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./125") = 0
mkdir("./126", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5329
./strace-static-x86_64: Process 5329 attached
[pid 5329] chdir("./126") = 0
[pid 5329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5329] setpgid(0, 0) = 0
[pid 5329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5329] write(3, "1000", 4) = 4
[pid 5329] close(3) = 0
[pid 5329] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5329] memfd_create("syzkaller", 0) = 3
[pid 5329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5329] munmap(0x7fa925b50000, 262144) = 0
[pid 5329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5329] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5329] close(3) = 0
[pid 5329] mkdir("./file0", 0777) = 0
[pid 5329] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5329] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5329] chdir("./file0") = 0
[pid 5329] ioctl(4, LOOP_CLR_FD) = 0
[pid 5329] close(4) = 0
[pid 5329] exit_group(0) = ?
[pid 5329] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5329, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./126/binderfs") = 0
umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 57.658984][ T5329] loop0: detected capacity change from 0 to 512
[ 57.667138][ T5329] EXT4-fs: Ignoring removed oldalloc option
[ 57.674170][ T5329] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.683917][ T5329] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.692858][ T5329] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./126/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./126/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./126") = 0
mkdir("./127", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5331
./strace-static-x86_64: Process 5331 attached
[pid 5331] chdir("./127") = 0
[pid 5331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5331] setpgid(0, 0) = 0
[pid 5331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5331] write(3, "1000", 4) = 4
[pid 5331] close(3) = 0
[pid 5331] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5331] memfd_create("syzkaller", 0) = 3
[pid 5331] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5331] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5331] munmap(0x7fa925b50000, 262144) = 0
[pid 5331] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5331] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5331] close(3) = 0
[pid 5331] mkdir("./file0", 0777) = 0
[pid 5331] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5331] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5331] chdir("./file0") = 0
[pid 5331] ioctl(4, LOOP_CLR_FD) = 0
[pid 5331] close(4) = 0
[pid 5331] exit_group(0) = ?
[pid 5331] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5331, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./127/binderfs") = 0
umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 57.758510][ T5331] loop0: detected capacity change from 0 to 512
[ 57.766436][ T5331] EXT4-fs: Ignoring removed oldalloc option
[ 57.772901][ T5331] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.783070][ T5331] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.791597][ T5331] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./127/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./127") = 0
mkdir("./128", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5333 attached
, child_tidptr=0x555555bf85d0) = 5333
[pid 5333] chdir("./128") = 0
[pid 5333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5333] setpgid(0, 0) = 0
[pid 5333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5333] write(3, "1000", 4) = 4
[pid 5333] close(3) = 0
[pid 5333] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5333] memfd_create("syzkaller", 0) = 3
[pid 5333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5333] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5333] munmap(0x7fa925b50000, 262144) = 0
[pid 5333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5333] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5333] close(3) = 0
[pid 5333] mkdir("./file0", 0777) = 0
[pid 5333] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5333] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5333] chdir("./file0") = 0
[pid 5333] ioctl(4, LOOP_CLR_FD) = 0
[pid 5333] close(4) = 0
[pid 5333] exit_group(0) = ?
[pid 5333] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5333, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./128/binderfs") = 0
umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 57.859439][ T5333] loop0: detected capacity change from 0 to 512
[ 57.867419][ T5333] EXT4-fs: Ignoring removed oldalloc option
[ 57.873835][ T5333] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.883638][ T5333] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.892534][ T5333] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./128/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./128") = 0
mkdir("./129", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5335
./strace-static-x86_64: Process 5335 attached
[pid 5335] chdir("./129") = 0
[pid 5335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5335] setpgid(0, 0) = 0
[pid 5335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5335] write(3, "1000", 4) = 4
[pid 5335] close(3) = 0
[pid 5335] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5335] memfd_create("syzkaller", 0) = 3
[pid 5335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5335] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5335] munmap(0x7fa925b50000, 262144) = 0
[pid 5335] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5335] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5335] close(3) = 0
[pid 5335] mkdir("./file0", 0777) = 0
[pid 5335] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5335] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5335] chdir("./file0") = 0
[pid 5335] ioctl(4, LOOP_CLR_FD) = 0
[pid 5335] close(4) = 0
[pid 5335] exit_group(0) = ?
[pid 5335] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5335, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./129/binderfs") = 0
umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
[ 57.961590][ T5335] loop0: detected capacity change from 0 to 512
[ 57.970311][ T5335] EXT4-fs: Ignoring removed oldalloc option
[ 57.976764][ T5335] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.986436][ T5335] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.995279][ T5335] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./129/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./129") = 0
mkdir("./130", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5337
./strace-static-x86_64: Process 5337 attached
[pid 5337] chdir("./130") = 0
[pid 5337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5337] setpgid(0, 0) = 0
[pid 5337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5337] write(3, "1000", 4) = 4
[pid 5337] close(3) = 0
[pid 5337] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5337] memfd_create("syzkaller", 0) = 3
[pid 5337] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5337] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5337] munmap(0x7fa925b50000, 262144) = 0
[pid 5337] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5337] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5337] close(3) = 0
[pid 5337] mkdir("./file0", 0777) = 0
[pid 5337] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5337] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5337] chdir("./file0") = 0
[pid 5337] ioctl(4, LOOP_CLR_FD) = 0
[pid 5337] close(4) = 0
[pid 5337] exit_group(0) = ?
[pid 5337] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5337, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./130/binderfs") = 0
umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 58.057090][ T5337] loop0: detected capacity change from 0 to 512
[ 58.065037][ T5337] EXT4-fs: Ignoring removed oldalloc option
[ 58.072683][ T5337] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.083076][ T5337] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.091654][ T5337] EXT4-fs (loop0): 1 truncate cleaned up
openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./130/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./130") = 0
mkdir("./131", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5339 attached
<unfinished ...>
[pid 5339] chdir("./131") = 0
[pid 5339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5339] setpgid(0, 0) = 0
[pid 5339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5339] write(3, "1000", 4) = 4
[pid 5339] close(3) = 0
[pid 5339] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5339] memfd_create("syzkaller", 0) = 3
[pid 5339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5339
[pid 5339] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5339] munmap(0x7fa925b50000, 262144) = 0
[pid 5339] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5339] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5339] close(3) = 0
[pid 5339] mkdir("./file0", 0777) = 0
[pid 5339] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5339] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5339] chdir("./file0") = 0
[pid 5339] ioctl(4, LOOP_CLR_FD) = 0
[pid 5339] close(4) = 0
[pid 5339] exit_group(0) = ?
[pid 5339] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5339, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./131/binderfs") = 0
[ 58.153846][ T5339] loop0: detected capacity change from 0 to 512
[ 58.162390][ T5339] EXT4-fs: Ignoring removed oldalloc option
[ 58.168778][ T5339] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.178814][ T5339] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.187840][ T5339] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./131/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./131/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./131") = 0
mkdir("./132", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5341
./strace-static-x86_64: Process 5341 attached
[pid 5341] chdir("./132") = 0
[pid 5341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5341] setpgid(0, 0) = 0
[pid 5341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5341] write(3, "1000", 4) = 4
[pid 5341] close(3) = 0
[pid 5341] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5341] memfd_create("syzkaller", 0) = 3
[pid 5341] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5341] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5341] munmap(0x7fa925b50000, 262144) = 0
[pid 5341] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5341] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5341] close(3) = 0
[pid 5341] mkdir("./file0", 0777) = 0
[pid 5341] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5341] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5341] chdir("./file0") = 0
[pid 5341] ioctl(4, LOOP_CLR_FD) = 0
[pid 5341] close(4) = 0
[pid 5341] exit_group(0) = ?
[pid 5341] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5341, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./132/binderfs") = 0
[ 58.264569][ T5341] loop0: detected capacity change from 0 to 512
[ 58.272773][ T5341] EXT4-fs: Ignoring removed oldalloc option
[ 58.279097][ T5341] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.288747][ T5341] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.297525][ T5341] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./132/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./132/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./132") = 0
mkdir("./133", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5343
./strace-static-x86_64: Process 5343 attached
[pid 5343] chdir("./133") = 0
[pid 5343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5343] setpgid(0, 0) = 0
[pid 5343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5343] write(3, "1000", 4) = 4
[pid 5343] close(3) = 0
[pid 5343] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5343] memfd_create("syzkaller", 0) = 3
[pid 5343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5343] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5343] munmap(0x7fa925b50000, 262144) = 0
[pid 5343] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5343] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5343] close(3) = 0
[pid 5343] mkdir("./file0", 0777) = 0
[pid 5343] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5343] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5343] chdir("./file0") = 0
[pid 5343] ioctl(4, LOOP_CLR_FD) = 0
[pid 5343] close(4) = 0
[pid 5343] exit_group(0) = ?
[pid 5343] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5343, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./133/binderfs") = 0
umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./133/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
[ 58.362102][ T5343] loop0: detected capacity change from 0 to 512
[ 58.370371][ T5343] EXT4-fs: Ignoring removed oldalloc option
[ 58.376838][ T5343] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.386514][ T5343] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.396042][ T5343] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./133/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./133") = 0
mkdir("./134", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5345
./strace-static-x86_64: Process 5345 attached
[pid 5345] chdir("./134") = 0
[pid 5345] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5345] setpgid(0, 0) = 0
[pid 5345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5345] write(3, "1000", 4) = 4
[pid 5345] close(3) = 0
[pid 5345] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5345] memfd_create("syzkaller", 0) = 3
[pid 5345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5345] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5345] munmap(0x7fa925b50000, 262144) = 0
[pid 5345] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5345] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5345] close(3) = 0
[pid 5345] mkdir("./file0", 0777) = 0
[pid 5345] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5345] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5345] chdir("./file0") = 0
[pid 5345] ioctl(4, LOOP_CLR_FD) = 0
[pid 5345] close(4) = 0
[pid 5345] exit_group(0) = ?
[pid 5345] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5345, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./134/binderfs") = 0
umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 58.459505][ T5345] loop0: detected capacity change from 0 to 512
[ 58.467309][ T5345] EXT4-fs: Ignoring removed oldalloc option
[ 58.474163][ T5345] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.483723][ T5345] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.492492][ T5345] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./134/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./134") = 0
mkdir("./135", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5347 attached
, child_tidptr=0x555555bf85d0) = 5347
[pid 5347] chdir("./135") = 0
[pid 5347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5347] setpgid(0, 0) = 0
[pid 5347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5347] write(3, "1000", 4) = 4
[pid 5347] close(3) = 0
[pid 5347] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5347] memfd_create("syzkaller", 0) = 3
[pid 5347] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5347] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5347] munmap(0x7fa925b50000, 262144) = 0
[pid 5347] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5347] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5347] close(3) = 0
[pid 5347] mkdir("./file0", 0777) = 0
[pid 5347] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5347] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5347] chdir("./file0") = 0
[pid 5347] ioctl(4, LOOP_CLR_FD) = 0
[pid 5347] close(4) = 0
[pid 5347] exit_group(0) = ?
[pid 5347] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5347, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./135/binderfs") = 0
umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
[ 58.561240][ T5347] loop0: detected capacity change from 0 to 512
[ 58.568589][ T5347] EXT4-fs: Ignoring removed oldalloc option
[ 58.575358][ T5347] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.585357][ T5347] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.594179][ T5347] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./135/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./135") = 0
mkdir("./136", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5349
./strace-static-x86_64: Process 5349 attached
[pid 5349] chdir("./136") = 0
[pid 5349] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5349] setpgid(0, 0) = 0
[pid 5349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5349] write(3, "1000", 4) = 4
[pid 5349] close(3) = 0
[pid 5349] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5349] memfd_create("syzkaller", 0) = 3
[pid 5349] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5349] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5349] munmap(0x7fa925b50000, 262144) = 0
[pid 5349] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5349] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5349] close(3) = 0
[pid 5349] mkdir("./file0", 0777) = 0
[pid 5349] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5349] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5349] chdir("./file0") = 0
[pid 5349] ioctl(4, LOOP_CLR_FD) = 0
[pid 5349] close(4) = 0
[pid 5349] exit_group(0) = ?
[pid 5349] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5349, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./136/binderfs") = 0
umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 58.658652][ T5349] loop0: detected capacity change from 0 to 512
[ 58.667444][ T5349] EXT4-fs: Ignoring removed oldalloc option
[ 58.673951][ T5349] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.684867][ T5349] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.693653][ T5349] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./136/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./136") = 0
mkdir("./137", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5351
./strace-static-x86_64: Process 5351 attached
[pid 5351] chdir("./137") = 0
[pid 5351] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5351] setpgid(0, 0) = 0
[pid 5351] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5351] write(3, "1000", 4) = 4
[pid 5351] close(3) = 0
[pid 5351] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5351] memfd_create("syzkaller", 0) = 3
[pid 5351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5351] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5351] munmap(0x7fa925b50000, 262144) = 0
[pid 5351] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5351] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5351] close(3) = 0
[pid 5351] mkdir("./file0", 0777) = 0
[pid 5351] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5351] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5351] chdir("./file0") = 0
[pid 5351] ioctl(4, LOOP_CLR_FD) = 0
[pid 5351] close(4) = 0
[pid 5351] exit_group(0) = ?
[pid 5351] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5351, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./137/binderfs") = 0
umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[ 58.759882][ T5351] loop0: detected capacity change from 0 to 512
[ 58.767749][ T5351] EXT4-fs: Ignoring removed oldalloc option
[ 58.774176][ T5351] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.784432][ T5351] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.793009][ T5351] EXT4-fs (loop0): 1 truncate cleaned up
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./137/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./137") = 0
mkdir("./138", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5353
./strace-static-x86_64: Process 5353 attached
[pid 5353] chdir("./138") = 0
[pid 5353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5353] setpgid(0, 0) = 0
[pid 5353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5353] write(3, "1000", 4) = 4
[pid 5353] close(3) = 0
[pid 5353] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5353] memfd_create("syzkaller", 0) = 3
[pid 5353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5353] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5353] munmap(0x7fa925b50000, 262144) = 0
[pid 5353] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5353] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5353] close(3) = 0
[pid 5353] mkdir("./file0", 0777) = 0
[pid 5353] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5353] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5353] chdir("./file0") = 0
[pid 5353] ioctl(4, LOOP_CLR_FD) = 0
[pid 5353] close(4) = 0
[pid 5353] exit_group(0) = ?
[pid 5353] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5353, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./138/binderfs") = 0
umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./138/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
[ 58.858880][ T5353] loop0: detected capacity change from 0 to 512
[ 58.867275][ T5353] EXT4-fs: Ignoring removed oldalloc option
[ 58.873769][ T5353] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.883794][ T5353] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.893072][ T5353] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./138/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./138") = 0
mkdir("./139", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5355
./strace-static-x86_64: Process 5355 attached
[pid 5355] chdir("./139") = 0
[pid 5355] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5355] setpgid(0, 0) = 0
[pid 5355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5355] write(3, "1000", 4) = 4
[pid 5355] close(3) = 0
[pid 5355] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5355] memfd_create("syzkaller", 0) = 3
[pid 5355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5355] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5355] munmap(0x7fa925b50000, 262144) = 0
[pid 5355] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5355] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5355] close(3) = 0
[pid 5355] mkdir("./file0", 0777) = 0
[pid 5355] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5355] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5355] chdir("./file0") = 0
[pid 5355] ioctl(4, LOOP_CLR_FD) = 0
[pid 5355] close(4) = 0
[pid 5355] exit_group(0) = ?
[pid 5355] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5355, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./139/binderfs") = 0
umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./139/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./139/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./139") = 0
mkdir("./140", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5357
./strace-static-x86_64: Process 5357 attached
[pid 5357] chdir("./140") = 0
[pid 5357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5357] setpgid(0, 0) = 0
[pid 5357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5357] write(3, "1000", 4) = 4
[pid 5357] close(3) = 0
[pid 5357] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5357] memfd_create("syzkaller", 0) = 3
[pid 5357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5357] munmap(0x7fa925b50000, 262144) = 0
[pid 5357] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 58.955764][ T5355] loop0: detected capacity change from 0 to 512
[ 58.964429][ T5355] EXT4-fs: Ignoring removed oldalloc option
[ 58.971146][ T5355] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.980708][ T5355] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.989667][ T5355] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5357] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5357] close(3) = 0
[pid 5357] mkdir("./file0", 0777) = 0
[pid 5357] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5357] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5357] chdir("./file0") = 0
[pid 5357] ioctl(4, LOOP_CLR_FD) = 0
[pid 5357] close(4) = 0
[pid 5357] exit_group(0) = ?
[pid 5357] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5357, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./140/binderfs") = 0
[ 59.022994][ T5357] loop0: detected capacity change from 0 to 512
[ 59.024251][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 59.030242][ T5357] EXT4-fs: Ignoring removed oldalloc option
[ 59.045459][ T5357] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.054960][ T5357] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.063652][ T5357] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./140/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./140/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./140") = 0
mkdir("./141", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5359
./strace-static-x86_64: Process 5359 attached
[pid 5359] chdir("./141") = 0
[pid 5359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5359] setpgid(0, 0) = 0
[pid 5359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5359] write(3, "1000", 4) = 4
[pid 5359] close(3) = 0
[pid 5359] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5359] memfd_create("syzkaller", 0) = 3
[pid 5359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5359] munmap(0x7fa925b50000, 262144) = 0
[pid 5359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5359] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5359] close(3) = 0
[pid 5359] mkdir("./file0", 0777) = 0
[pid 5359] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5359] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5359] chdir("./file0") = 0
[pid 5359] ioctl(4, LOOP_CLR_FD) = 0
[pid 5359] close(4) = 0
[pid 5359] exit_group(0) = ?
[pid 5359] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5359, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./141/binderfs") = 0
umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./141/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./141/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./141") = 0
mkdir("./142", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5361
./strace-static-x86_64: Process 5361 attached
[pid 5361] chdir("./142") = 0
[pid 5361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5361] setpgid(0, 0) = 0
[ 59.126845][ T5359] loop0: detected capacity change from 0 to 512
[ 59.135211][ T5359] EXT4-fs: Ignoring removed oldalloc option
[ 59.141753][ T5359] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.151447][ T5359] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.160262][ T5359] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5361] write(3, "1000", 4) = 4
[pid 5361] close(3) = 0
[pid 5361] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5361] memfd_create("syzkaller", 0) = 3
[pid 5361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5361] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5361] munmap(0x7fa925b50000, 262144) = 0
[pid 5361] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5361] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5361] close(3) = 0
[pid 5361] mkdir("./file0", 0777) = 0
[pid 5361] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5361] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5361] chdir("./file0") = 0
[pid 5361] ioctl(4, LOOP_CLR_FD) = 0
[pid 5361] close(4) = 0
[pid 5361] exit_group(0) = ?
[pid 5361] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5361, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./142/binderfs") = 0
umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 59.212530][ T5361] loop0: detected capacity change from 0 to 512
[ 59.215364][ T5076] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 59.220006][ T5361] EXT4-fs: Ignoring removed oldalloc option
[ 59.235005][ T5361] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.244958][ T5361] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.253843][ T5361] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./142/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./142/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./142") = 0
mkdir("./143", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5363
./strace-static-x86_64: Process 5363 attached
[pid 5363] chdir("./143") = 0
[pid 5363] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5363] setpgid(0, 0) = 0
[pid 5363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5363] write(3, "1000", 4) = 4
[pid 5363] close(3) = 0
[pid 5363] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5363] memfd_create("syzkaller", 0) = 3
[pid 5363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5363] munmap(0x7fa925b50000, 262144) = 0
[pid 5363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5363] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5363] close(3) = 0
[pid 5363] mkdir("./file0", 0777) = 0
[pid 5363] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5363] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5363] chdir("./file0") = 0
[pid 5363] ioctl(4, LOOP_CLR_FD) = 0
[pid 5363] close(4) = 0
[pid 5363] exit_group(0) = ?
[pid 5363] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5363, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./143/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./143/binderfs") = 0
umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./143/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./143/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
[ 59.315181][ T5363] loop0: detected capacity change from 0 to 512
[ 59.323607][ T5363] EXT4-fs: Ignoring removed oldalloc option
[ 59.330427][ T5363] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.340720][ T5363] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.349695][ T5363] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
rmdir("./143") = 0
mkdir("./144", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5365 attached
, child_tidptr=0x555555bf85d0) = 5365
[pid 5365] chdir("./144") = 0
[pid 5365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5365] setpgid(0, 0) = 0
[pid 5365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5365] write(3, "1000", 4) = 4
[pid 5365] close(3) = 0
[pid 5365] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5365] memfd_create("syzkaller", 0) = 3
[pid 5365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5365] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5365] munmap(0x7fa925b50000, 262144) = 0
[pid 5365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5365] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5365] close(3) = 0
[pid 5365] mkdir("./file0", 0777) = 0
[pid 5365] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5365] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5365] chdir("./file0") = 0
[pid 5365] ioctl(4, LOOP_CLR_FD) = 0
[pid 5365] close(4) = 0
[pid 5365] exit_group(0) = ?
[pid 5365] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5365, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./144/binderfs") = 0
umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./144/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
[ 59.413193][ T5365] loop0: detected capacity change from 0 to 512
[ 59.421580][ T5365] EXT4-fs: Ignoring removed oldalloc option
[ 59.428023][ T5365] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.437672][ T5365] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.446477][ T5365] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./144/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./144") = 0
mkdir("./145", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5367
./strace-static-x86_64: Process 5367 attached
[pid 5367] chdir("./145") = 0
[pid 5367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5367] setpgid(0, 0) = 0
[pid 5367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5367] write(3, "1000", 4) = 4
[pid 5367] close(3) = 0
[pid 5367] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5367] memfd_create("syzkaller", 0) = 3
[pid 5367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5367] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5367] munmap(0x7fa925b50000, 262144) = 0
[pid 5367] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5367] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5367] close(3) = 0
[pid 5367] mkdir("./file0", 0777) = 0
[pid 5367] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5367] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5367] chdir("./file0") = 0
[pid 5367] ioctl(4, LOOP_CLR_FD) = 0
[pid 5367] close(4) = 0
[pid 5367] exit_group(0) = ?
[pid 5367] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5367, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./145/binderfs") = 0
umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./145/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./145/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
[ 59.510521][ T5367] loop0: detected capacity change from 0 to 512
[ 59.518239][ T5367] EXT4-fs: Ignoring removed oldalloc option
[ 59.524692][ T5367] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.535133][ T5367] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.544506][ T5367] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./145") = 0
mkdir("./146", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5369
./strace-static-x86_64: Process 5369 attached
[pid 5369] chdir("./146") = 0
[pid 5369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5369] setpgid(0, 0) = 0
[pid 5369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5369] write(3, "1000", 4) = 4
[pid 5369] close(3) = 0
[pid 5369] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5369] memfd_create("syzkaller", 0) = 3
[pid 5369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5369] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5369] munmap(0x7fa925b50000, 262144) = 0
[pid 5369] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5369] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5369] close(3) = 0
[pid 5369] mkdir("./file0", 0777) = 0
[pid 5369] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5369] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5369] chdir("./file0") = 0
[pid 5369] ioctl(4, LOOP_CLR_FD) = 0
[pid 5369] close(4) = 0
[pid 5369] exit_group(0) = ?
[pid 5369] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5369, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./146/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./146/binderfs") = 0
umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./146/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./146/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
[ 59.601897][ T5369] loop0: detected capacity change from 0 to 512
[ 59.610668][ T5369] EXT4-fs: Ignoring removed oldalloc option
[ 59.617031][ T5369] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.626772][ T5369] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.635582][ T5369] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./146") = 0
mkdir("./147", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5371
./strace-static-x86_64: Process 5371 attached
[pid 5371] chdir("./147") = 0
[pid 5371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5371] setpgid(0, 0) = 0
[pid 5371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5371] write(3, "1000", 4) = 4
[pid 5371] close(3) = 0
[pid 5371] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5371] memfd_create("syzkaller", 0) = 3
[pid 5371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5371] munmap(0x7fa925b50000, 262144) = 0
[pid 5371] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5371] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5371] close(3) = 0
[pid 5371] mkdir("./file0", 0777) = 0
[pid 5371] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5371] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5371] chdir("./file0") = 0
[pid 5371] ioctl(4, LOOP_CLR_FD) = 0
[pid 5371] close(4) = 0
[pid 5371] exit_group(0) = ?
[pid 5371] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5371, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./147/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./147/binderfs") = 0
umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./147/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
[ 59.691326][ T5371] loop0: detected capacity change from 0 to 512
[ 59.699401][ T5371] EXT4-fs: Ignoring removed oldalloc option
[ 59.705762][ T5371] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.715496][ T5371] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.724555][ T5371] EXT4-fs (loop0): 1 truncate cleaned up
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./147/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./147") = 0
mkdir("./148", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5373
./strace-static-x86_64: Process 5373 attached
[pid 5373] chdir("./148") = 0
[pid 5373] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5373] setpgid(0, 0) = 0
[pid 5373] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5373] write(3, "1000", 4) = 4
[pid 5373] close(3) = 0
[pid 5373] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5373] memfd_create("syzkaller", 0) = 3
[pid 5373] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5373] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5373] munmap(0x7fa925b50000, 262144) = 0
[pid 5373] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5373] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5373] close(3) = 0
[pid 5373] mkdir("./file0", 0777) = 0
[pid 5373] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5373] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5373] chdir("./file0") = 0
[pid 5373] ioctl(4, LOOP_CLR_FD) = 0
[pid 5373] close(4) = 0
[pid 5373] exit_group(0) = ?
[pid 5373] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5373, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./148/binderfs") = 0
umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./148/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./148/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./148") = 0
mkdir("./149", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bf85d0) = 5375
./strace-static-x86_64: Process 5375 attached
[pid 5375] chdir("./149") = 0
[pid 5375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5375] setpgid(0, 0) = 0
[pid 5375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5375] write(3, "1000", 4) = 4
[pid 5375] close(3) = 0
[pid 5375] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5375] memfd_create("syzkaller", 0) = 3
[pid 5375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5375] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5375] munmap(0x7fa925b50000, 262144) = 0
[pid 5375] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 59.787220][ T5373] loop0: detected capacity change from 0 to 512
[ 59.795043][ T5373] EXT4-fs: Ignoring removed oldalloc option
[ 59.801997][ T5373] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.811690][ T5373] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.820281][ T5373] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5375] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5375] close(3) = 0
[pid 5375] mkdir("./file0", 0777) = 0
[pid 5375] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,oldalloc,discard,bsddf,barrier=0x0000000000000000,journal_i"...) = 0
[pid 5375] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5375] chdir("./file0") = 0
[pid 5375] ioctl(4, LOOP_CLR_FD) = 0
[pid 5375] close(4) = 0
[pid 5375] exit_group(0) = ?
[pid 5375] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5375, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bf9620 /* 4 entries */, 32768) = 112
umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./149/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./149/binderfs") = 0
umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 59.858999][ T5375] loop0: detected capacity change from 0 to 512
[ 59.867236][ T5375] EXT4-fs: Ignoring removed oldalloc option
[ 59.874418][ T5375] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.884159][ T5375] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.892700][ T5375] EXT4-fs (loop0): 1 truncate cleaned up
lstat("./149/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555c01660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555c01660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./149/file0") = 0
getdents64(3, 0x555555bf9620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./149") = 0
mkdir("./150", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5377 attached
<unfinished ...>
[pid 5377] chdir("./150") = 0
[pid 5377] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5075] <... clone resumed>, child_tidptr=0x555555bf85d0) = 5377
[pid 5377] <... prctl resumed>) = 0
[pid 5377] setpgid(0, 0) = 0
[pid 5377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5377] write(3, "1000", 4) = 4
[pid 5377] close(3) = 0
[pid 5377] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5377] memfd_create("syzkaller", 0) = 3
[pid 5377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa925b50000
[pid 5377] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5377] munmap(0x7fa925b50000, 262144) = 0
[pid 5377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5377] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5377] close(3) = 0
[pid 5377] mkdir("./file0", 0777) = 0