./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1342389273 <...> syzkaller syzkaller login: [ 44.069651][ T26] kauditd_printk_skb: 42 callbacks suppressed [ 44.069667][ T26] audit: type=1400 audit(1686651386.496:77): avc: denied { transition } for pid=4839 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.098426][ T26] audit: type=1400 audit(1686651386.496:78): avc: denied { noatsecure } for pid=4839 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.117889][ T26] audit: type=1400 audit(1686651386.506:79): avc: denied { write } for pid=4839 comm="sh" path="pipe:[1732]" dev="pipefs" ino=1732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 44.140959][ T26] audit: type=1400 audit(1686651386.506:80): avc: denied { rlimitinh } for pid=4839 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.160087][ T26] audit: type=1400 audit(1686651386.506:81): avc: denied { siginh } for pid=4839 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.877926][ T26] audit: type=1400 audit(1686651387.306:82): avc: denied { read } for pid=4427 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 Warning: Permanently added '10.128.1.126' (ECDSA) to the list of known hosts. execve("./syz-executor1342389273", ["./syz-executor1342389273"], 0x7ffdfa64ecb0 /* 10 vars */) = 0 brk(NULL) = 0x555555af3000 brk(0x555555af3c40) = 0x555555af3c40 arch_prctl(ARCH_SET_FS, 0x555555af3300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1342389273", 4096) = 28 brk(0x555555b14c40) = 0x555555b14c40 brk(0x555555b15000) = 0x555555b15000 mprotect(0x7f1979636000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555af35d0) = 4990 ./strace-static-x86_64: Process 4990 attached [pid 4989] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555af35d0) = 4991 [pid 4989] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4990] getpid() = 4990 ./strace-static-x86_64: Process 4991 attached [pid 4989] <... clone resumed>, child_tidptr=0x555555af35d0) = 4992 [pid 4990] mkdir("./syzkaller.4TwD7v", 0700 [pid 4989] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555af35d0) = 4993 [pid 4989] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555af35d0) = 4994 [pid 4989] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4990] <... mkdir resumed>) = 0 [pid 4990] chmod("./syzkaller.4TwD7v", 0777 [pid 4989] <... clone resumed>, child_tidptr=0x555555af35d0) = 4995 ./strace-static-x86_64: Process 4993 attached [pid 4990] <... chmod resumed>) = 0 [pid 4993] getpid() = 4993 [pid 4993] mkdir("./syzkaller.XzH7LM", 0700./strace-static-x86_64: Process 4992 attached [pid 4990] chdir("./syzkaller.4TwD7v") = 0 [pid 4992] getpid(./strace-static-x86_64: Process 4995 attached [pid 4990] mkdir("./0", 0777 [pid 4995] getpid( [pid 4993] <... mkdir resumed>) = 0 [pid 4992] <... getpid resumed>) = 4992 [pid 4992] mkdir("./syzkaller.4aUDKD", 0700 [pid 4990] <... mkdir resumed>) = 0 [pid 4990] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 72.007384][ T26] audit: type=1400 audit(1686651414.436:83): avc: denied { write } for pid=4986 comm="strace-static-x" path="pipe:[1926]" dev="pipefs" ino=1926 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 72.032960][ T26] audit: type=1400 audit(1686651414.456:84): avc: denied { execmem } for pid=4989 comm="syz-executor134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 4993] chmod("./syzkaller.XzH7LM", 0777) = 0 [pid 4992] <... mkdir resumed>) = 0 [pid 4995] <... getpid resumed>) = 4995 [pid 4995] mkdir("./syzkaller.hSnKiT", 0700) = 0 [pid 4993] chdir("./syzkaller.XzH7LM") = 0 [pid 4993] mkdir("./0", 0777) = 0 [pid 4992] chmod("./syzkaller.4aUDKD", 0777) = 0 [pid 4992] chdir("./syzkaller.4aUDKD") = 0 [pid 4995] chmod("./syzkaller.hSnKiT", 0777) = 0 [pid 4992] mkdir("./0", 0777) = 0 [pid 4993] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 4995] chdir("./syzkaller.hSnKiT") = 0 [pid 4995] mkdir("./0", 0777) = 0 [pid 4992] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 4993] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4995] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 4992] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4993] close(3) = 0 [pid 4992] close(3) = 0 [pid 4995] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4992] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4995] close(3) = 0 [pid 4995] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4993] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4992] <... clone resumed>, child_tidptr=0x555555af35d0) = 4996 [pid 4995] <... clone resumed>, child_tidptr=0x555555af35d0) = 4997 [pid 4993] <... clone resumed>, child_tidptr=0x555555af35d0) = 4998 ./strace-static-x86_64: Process 4996 attached ./strace-static-x86_64: Process 4998 attached [pid 4996] chdir("./0") = 0 [pid 4998] chdir("./0") = 0 [pid 4996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4996] setpgid(0, 0 [pid 4998] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4996] <... setpgid resumed>) = 0 [pid 4998] <... prctl resumed>) = 0 [pid 4998] setpgid(0, 0) = 0 [pid 4996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4996] <... openat resumed>) = 3 [pid 4998] <... openat resumed>) = 3 [pid 4998] write(3, "1000", 4 [pid 4996] write(3, "1000", 4 [pid 4998] <... write resumed>) = 4 [pid 4996] <... write resumed>) = 4 [pid 4998] close(3 [pid 4996] close(3 [pid 4998] <... close resumed>) = 0 [pid 4996] <... close resumed>) = 0 [pid 4998] symlink("/dev/binderfs", "./binderfs" [pid 4996] symlink("/dev/binderfs", "./binderfs" [pid 4998] <... symlink resumed>) = 0 [pid 4996] <... symlink resumed>) = 0 [pid 4991] getpid( [pid 4990] <... openat resumed>) = 3 ./strace-static-x86_64: Process 4997 attached ./strace-static-x86_64: Process 4994 attached [pid 4998] memfd_create("syzkaller", 0 [pid 4996] memfd_create("syzkaller", 0 [pid 4998] <... memfd_create resumed>) = 3 [pid 4997] chdir("./0" [pid 4991] <... getpid resumed>) = 4991 [pid 4990] ioctl(3, LOOP_CLR_FD [pid 4998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4994] getpid( [pid 4998] <... mmap resumed>) = 0x7f197117a000 [pid 4998] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 4997] <... chdir resumed>) = 0 [pid 4994] <... getpid resumed>) = 4994 [pid 4991] mkdir("./syzkaller.4kokDz", 0700 [pid 4990] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4997] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4994] mkdir("./syzkaller.wrwszP", 0700 [pid 4991] <... mkdir resumed>) = 0 [pid 4990] close(3 [pid 4997] <... prctl resumed>) = 0 [pid 4994] <... mkdir resumed>) = 0 [pid 4997] setpgid(0, 0 [pid 4990] <... close resumed>) = 0 [pid 4997] <... setpgid resumed>) = 0 [pid 4990] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4994] chmod("./syzkaller.wrwszP", 0777 [pid 4997] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4997] write(3, "1000", 4 [pid 4994] <... chmod resumed>) = 0 [pid 4991] chmod("./syzkaller.4kokDz", 0777 [pid 4990] <... clone resumed>, child_tidptr=0x555555af35d0) = 4999 [pid 4997] <... write resumed>) = 4 [pid 4997] close(3 [pid 4994] chdir("./syzkaller.wrwszP" [pid 4991] <... chmod resumed>) = 0 [pid 4997] <... close resumed>) = 0 [pid 4997] symlink("/dev/binderfs", "./binderfs" [pid 4994] <... chdir resumed>) = 0 [pid 4991] chdir("./syzkaller.4kokDz"./strace-static-x86_64: Process 4999 attached [pid 4997] <... symlink resumed>) = 0 [pid 4999] chdir("./0" [pid 4994] mkdir("./0", 0777 [pid 4997] memfd_create("syzkaller", 0 [pid 4991] <... chdir resumed>) = 0 [pid 4999] <... chdir resumed>) = 0 [pid 4999] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4998] <... write resumed>) = 524288 [pid 4997] <... memfd_create resumed>) = 3 [pid 4994] <... mkdir resumed>) = 0 [pid 4991] mkdir("./0", 0777 [pid 4999] setpgid(0, 0 [pid 4997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4999] <... setpgid resumed>) = 0 [pid 4999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4998] munmap(0x7f197117a000, 524288 [pid 4991] <... mkdir resumed>) = 0 [pid 4999] <... openat resumed>) = 3 [pid 4998] <... munmap resumed>) = 0 [pid 4997] <... mmap resumed>) = 0x7f197117a000 [pid 4996] <... memfd_create resumed>) = 3 [pid 4994] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4991] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 4999] write(3, "1000", 4 [pid 4998] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4999] <... write resumed>) = 4 [pid 4998] <... openat resumed>) = 4 [pid 4996] <... mmap resumed>) = 0x7f197117a000 [pid 4999] close(3 [ 72.067534][ T26] audit: type=1400 audit(1686651414.496:85): avc: denied { read write } for pid=4990 comm="syz-executor134" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 72.106202][ T4996] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4996 'syz-executor134' [pid 4998] ioctl(4, LOOP_SET_FD, 3 [pid 4994] <... openat resumed>) = 3 [pid 4999] <... close resumed>) = 0 [pid 4997] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 4996] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 4991] <... openat resumed>) = 3 [pid 4999] symlink("/dev/binderfs", "./binderfs") = 0 [pid 4999] memfd_create("syzkaller", 0) = 3 [pid 4999] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f197117a000 [pid 4999] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 4996] <... write resumed>) = 524288 [pid 4996] munmap(0x7f197117a000, 524288 [pid 4999] <... write resumed>) = 524288 [pid 4999] munmap(0x7f197117a000, 524288 [pid 4994] ioctl(3, LOOP_CLR_FD [pid 4991] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 4999] <... munmap resumed>) = 0 [pid 4994] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4991] close(3 [pid 4996] <... munmap resumed>) = 0 [pid 4994] close(3 [pid 4998] <... ioctl resumed>) = 0 [pid 4994] <... close resumed>) = 0 [pid 4991] <... close resumed>) = 0 [pid 4999] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4998] close(3 [pid 4996] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4994] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] <... openat resumed>) = 4 [pid 4998] <... close resumed>) = 0 [pid 4996] <... openat resumed>) = 4 [pid 4991] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] ioctl(4, LOOP_SET_FD, 3 [pid 4998] mkdir("./file0", 0777 [ 72.147673][ T4998] loop3: detected capacity change from 0 to 1024 [ 72.152716][ T26] audit: type=1400 audit(1686651414.496:86): avc: denied { open } for pid=4993 comm="syz-executor134" path="/dev/loop3" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 72.185478][ T4996] loop2: detected capacity change from 0 to 1024 [pid 4996] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5000 attached [pid 4998] <... mkdir resumed>) = 0 [pid 4997] <... write resumed>) = 524288 [pid 4996] <... ioctl resumed>) = 0 [pid 5000] chdir("./0" [pid 4997] munmap(0x7f197117a000, 524288 [pid 4994] <... clone resumed>, child_tidptr=0x555555af35d0) = 5000 [pid 4991] <... clone resumed>, child_tidptr=0x555555af35d0) = 5001 [pid 5000] <... chdir resumed>) = 0 [pid 4997] <... munmap resumed>) = 0 [pid 4998] mount("/dev/loop3", "./file0", "hfsplus", 0, ""./strace-static-x86_64: Process 5001 attached [ 72.188780][ T26] audit: type=1400 audit(1686651414.496:87): avc: denied { ioctl } for pid=4993 comm="syz-executor134" path="/dev/loop3" dev="devtmpfs" ino=651 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 72.193213][ T4999] loop0: detected capacity change from 0 to 1024 [pid 5000] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4997] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5001] chdir("./0" [pid 5000] <... prctl resumed>) = 0 [pid 4998] <... mount resumed>) = 0 [pid 4997] <... openat resumed>) = 4 [pid 4996] close(3 [pid 5001] <... chdir resumed>) = 0 [pid 5000] setpgid(0, 0 [pid 4998] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4997] ioctl(4, LOOP_SET_FD, 3 [pid 4996] <... close resumed>) = 0 [pid 5001] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5000] <... setpgid resumed>) = 0 [pid 4999] <... ioctl resumed>) = 0 [pid 4998] <... openat resumed>) = 3 [pid 4996] mkdir("./file0", 0777 [pid 5001] <... prctl resumed>) = 0 [pid 5000] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4999] close(3 [pid 4998] ioctl(4, LOOP_CLR_FD [pid 5001] setpgid(0, 0 [pid 5000] <... openat resumed>) = 3 [pid 4999] <... close resumed>) = 0 [pid 4998] <... ioctl resumed>) = 0 [pid 4997] <... ioctl resumed>) = 0 [pid 4996] <... mkdir resumed>) = 0 [pid 5001] <... setpgid resumed>) = 0 [pid 5000] write(3, "1000", 4 [pid 4999] mkdir("./file0", 0777 [pid 4998] close(4 [pid 4997] close(3 [pid 4996] mount("/dev/loop2", "./file0", "hfsplus", 0, "" [pid 5001] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5000] <... write resumed>) = 4 [pid 4999] <... mkdir resumed>) = 0 [pid 4997] <... close resumed>) = 0 [pid 4998] <... close resumed>) = 0 [pid 5000] close(3 [pid 4997] mkdir("./file0", 0777 [pid 5001] <... openat resumed>) = 3 [pid 5000] <... close resumed>) = 0 [pid 4999] mount("/dev/loop0", "./file0", "hfsplus", 0, "" [pid 4998] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 4997] <... mkdir resumed>) = 0 [pid 5001] write(3, "1000", 4 [pid 5000] symlink("/dev/binderfs", "./binderfs" [pid 4997] mount("/dev/loop5", "./file0", "hfsplus", 0, "" [pid 5001] <... write resumed>) = 4 [pid 5000] <... symlink resumed>) = 0 [pid 4998] <... openat resumed>) = 4 [pid 5001] close(3 [pid 5000] memfd_create("syzkaller", 0 [pid 4998] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5001] <... close resumed>) = 0 [pid 5000] <... memfd_create resumed>) = 3 [pid 4999] <... mount resumed>) = 0 [pid 4996] <... mount resumed>) = 0 [pid 5001] symlink("/dev/binderfs", "./binderfs" [pid 5000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4999] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4996] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5001] <... symlink resumed>) = 0 [pid 5000] <... mmap resumed>) = 0x7f197117a000 [pid 4999] <... openat resumed>) = 3 [pid 4996] <... openat resumed>) = 3 [pid 5001] memfd_create("syzkaller", 0 [pid 5000] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 4999] ioctl(4, LOOP_CLR_FD [pid 4996] ioctl(4, LOOP_CLR_FD [pid 5001] <... memfd_create resumed>) = 3 [pid 5000] <... write resumed>) = 524288 [pid 4999] <... ioctl resumed>) = 0 [ 72.227240][ T26] audit: type=1400 audit(1686651414.656:88): avc: denied { mounton } for pid=4998 comm="syz-executor134" path="/root/syzkaller.XzH7LM/0/file0" dev="sda1" ino=1943 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 72.260727][ T4997] loop5: detected capacity change from 0 to 1024 [pid 4996] <... ioctl resumed>) = 0 [pid 5001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f197117a000 [pid 4999] close(4 [pid 4996] close(4 [pid 5000] munmap(0x7f197117a000, 524288 [pid 4999] <... close resumed>) = 0 [pid 4996] <... close resumed>) = 0 [pid 5000] <... munmap resumed>) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5000] ioctl(4, LOOP_SET_FD, 3 [pid 5001] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 4999] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 4996] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 5000] <... ioctl resumed>) = 0 [pid 5000] close(3) = 0 [pid 5000] mkdir("./file0", 0777 [pid 5001] <... write resumed>) = 524288 [pid 4999] <... openat resumed>) = 4 [pid 4996] <... openat resumed>) = 4 [pid 4999] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 4996] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5001] munmap(0x7f197117a000, 524288) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5001] ioctl(4, LOOP_SET_FD, 3 [pid 5000] <... mkdir resumed>) = 0 [pid 4999] <... ioctl resumed>) = 0 [pid 4998] <... ioctl resumed>) = 0 [pid 4997] <... mount resumed>) = 0 [pid 4996] <... ioctl resumed>) = 0 [pid 4997] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4999] exit_group(0 [pid 4997] <... openat resumed>) = 3 [pid 4996] exit_group(0 [pid 4999] <... exit_group resumed>) = ? [pid 4998] exit_group(0 [pid 4997] ioctl(4, LOOP_CLR_FD [pid 4996] <... exit_group resumed>) = ? [pid 5000] mount("/dev/loop4", "./file0", "hfsplus", 0, "" [pid 4997] <... ioctl resumed>) = 0 [pid 4999] +++ exited with 0 +++ [pid 4997] close(4 [pid 4998] <... exit_group resumed>) = ? [pid 4997] <... close resumed>) = 0 [pid 4996] +++ exited with 0 +++ [pid 4990] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4999, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 4997] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 4990] restart_syscall(<... resuming interrupted clone ...> [pid 4997] <... openat resumed>) = 4 [pid 4990] <... restart_syscall resumed>) = 0 [pid 4997] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 4997] exit_group(0 [pid 4990] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4997] <... exit_group resumed>) = ? [pid 4990] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4997] +++ exited with 0 +++ [pid 4990] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4990] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4990] getdents64(3, 0x555555af4620 /* 4 entries */, 32768) = 112 [ 72.314776][ T5000] loop4: detected capacity change from 0 to 1024 [ 72.350837][ T5001] loop1: detected capacity change from 0 to 1024 [pid 4995] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4997, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 4992] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4996, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 4990] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... ioctl resumed>) = 0 [pid 4998] +++ exited with 0 +++ [pid 5001] close(3 [pid 4990] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... close resumed>) = 0 [pid 4990] lstat("./0/binderfs", [pid 4993] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4998, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5001] mkdir("./file0", 0777 [pid 5000] <... mount resumed>) = 0 [pid 4995] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4990] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5000] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4990] unlink("./0/binderfs" [pid 5000] <... openat resumed>) = 3 [pid 4993] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4990] <... unlink resumed>) = 0 [pid 5000] ioctl(4, LOOP_CLR_FD [pid 4990] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... mkdir resumed>) = 0 [pid 5000] <... ioctl resumed>) = 0 [pid 4995] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4993] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4992] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] mount("/dev/loop1", "./file0", "hfsplus", 0, "" [pid 5000] close(4 [pid 4995] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4993] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4990] <... umount2 resumed>) = 0 [pid 5000] <... close resumed>) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop5", O_RDONLY) = 4 [pid 5000] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 4992] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5000] <... ioctl resumed>) = 0 [pid 4995] <... openat resumed>) = 3 [pid 5000] exit_group(0 [pid 4995] fstat(3, [pid 4993] <... openat resumed>) = 3 [pid 4992] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5000] <... exit_group resumed>) = ? [pid 4995] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] <... mount resumed>) = 0 [pid 5000] +++ exited with 0 +++ [pid 4995] getdents64(3, [pid 4993] fstat(3, [pid 4992] <... openat resumed>) = 3 [pid 4994] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5000, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 4992] fstat(3, [pid 4994] restart_syscall(<... resuming interrupted clone ...> [pid 4993] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4995] <... getdents64 resumed>0x555555af4620 /* 4 entries */, 32768) = 112 [pid 4994] <... restart_syscall resumed>) = 0 [pid 4992] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4995] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4993] getdents64(3, [pid 4992] getdents64(3, [pid 4990] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] <... openat resumed>) = 3 [pid 4995] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4993] <... getdents64 resumed>0x555555af4620 /* 4 entries */, 32768) = 112 [pid 4992] <... getdents64 resumed>0x555555af4620 /* 4 entries */, 32768) = 112 [pid 5001] ioctl(4, LOOP_CLR_FD [pid 4995] lstat("./0/binderfs", [pid 4994] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4990] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5001] <... ioctl resumed>) = 0 [pid 4995] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4994] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 72.358005][ T26] audit: type=1400 audit(1686651414.656:89): avc: denied { mount } for pid=4998 comm="syz-executor134" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [pid 4993] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4992] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5001] close(4 [pid 4995] unlink("./0/binderfs" [pid 4994] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4993] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4990] lstat("./0/file0", [pid 4994] <... openat resumed>) = 3 [pid 4990] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4994] fstat(3, [pid 4990] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4994] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4990] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4994] getdents64(3, [pid 4990] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4994] <... getdents64 resumed>0x555555af4620 /* 4 entries */, 32768) = 112 [pid 4990] <... openat resumed>) = 4 [pid 4994] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4990] fstat(4, [pid 5001] <... close resumed>) = 0 [pid 4994] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4992] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4990] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5001] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 4995] <... unlink resumed>) = 0 [pid 4994] lstat("./0/binderfs", [pid 4993] lstat("./0/binderfs", [pid 4992] lstat("./0/binderfs", [pid 4990] getdents64(4, [pid 5001] <... openat resumed>) = 4 [pid 4995] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4994] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4990] <... getdents64 resumed>0x555555afc660 /* 2 entries */, 32768) = 48 [pid 4994] unlink("./0/binderfs" [pid 4990] getdents64(4, [pid 5001] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 4994] <... unlink resumed>) = 0 [pid 4993] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4992] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4990] <... getdents64 resumed>0x555555afc660 /* 0 entries */, 32768) = 0 [pid 5001] <... ioctl resumed>) = 0 [pid 4994] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4993] unlink("./0/binderfs" [pid 4992] unlink("./0/binderfs" [pid 4990] close(4 [pid 5001] exit_group(0 [pid 4990] <... close resumed>) = 0 [pid 4993] <... unlink resumed>) = 0 [pid 4990] rmdir("./0/file0" [pid 5001] <... exit_group resumed>) = ? [pid 4993] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4992] <... unlink resumed>) = 0 [pid 4990] <... rmdir resumed>) = 0 [pid 4990] getdents64(3, 0x555555af4620 /* 0 entries */, 32768) = 0 [pid 4990] close(3) = 0 [pid 4990] rmdir("./0" [pid 5001] +++ exited with 0 +++ [pid 4992] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4990] <... rmdir resumed>) = 0 [pid 4991] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5001, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 4990] mkdir("./1", 0777) = 0 [pid 4990] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 4991] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4990] <... openat resumed>) = 3 [pid 4991] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4991] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4990] ioctl(3, LOOP_CLR_FD [pid 4991] <... openat resumed>) = 3 [pid 4991] fstat(3, [pid 4990] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4991] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4991] getdents64(3, [pid 4990] close(3 [pid 4991] <... getdents64 resumed>0x555555af4620 /* 4 entries */, 32768) = 112 [pid 4991] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4990] <... close resumed>) = 0 [pid 4991] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4991] lstat("./0/binderfs", [pid 4990] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4991] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 4991] unlink("./0/binderfs") = 0 [pid 4991] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4990] <... clone resumed>, child_tidptr=0x555555af35d0) = 5004 [pid 4994] <... umount2 resumed>) = 0 [pid 4991] <... umount2 resumed>) = 0 [pid 4994] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4992] <... umount2 resumed>) = 0 [pid 4991] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4994] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4991] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4994] lstat("./0/file0", [pid 4991] lstat("./0/file0", [pid 4994] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4991] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4994] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4991] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4994] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4991] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4994] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4991] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4994] <... openat resumed>) = 4 [pid 4991] <... openat resumed>) = 4 [pid 4994] fstat(4, [pid 4993] <... umount2 resumed>) = 0 [pid 4991] fstat(4, [pid 4994] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4991] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4994] getdents64(4, [pid 4991] getdents64(4, [pid 4994] <... getdents64 resumed>0x555555afc660 /* 2 entries */, 32768) = 48 [pid 4991] <... getdents64 resumed>0x555555afc660 /* 2 entries */, 32768) = 48 [pid 4994] getdents64(4, [pid 4991] getdents64(4, [pid 4994] <... getdents64 resumed>0x555555afc660 /* 0 entries */, 32768) = 0 [pid 4991] <... getdents64 resumed>0x555555afc660 /* 0 entries */, 32768) = 0 [pid 4994] close(4 [pid 4991] close(4 [pid 4994] <... close resumed>) = 0 [pid 4991] <... close resumed>) = 0 [pid 4994] rmdir("./0/file0" [pid 4991] rmdir("./0/file0" [pid 4995] <... umount2 resumed>) = 0 [pid 4994] <... rmdir resumed>) = 0 [pid 4991] <... rmdir resumed>) = 0 [pid 4994] getdents64(3, [pid 4991] getdents64(3, [pid 4995] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4994] <... getdents64 resumed>0x555555af4620 /* 0 entries */, 32768) = 0 [pid 4993] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4992] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4991] <... getdents64 resumed>0x555555af4620 /* 0 entries */, 32768) = 0 [pid 4994] close(3 [pid 4991] close(3./strace-static-x86_64: Process 5004 attached [pid 4995] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4994] <... close resumed>) = 0 [pid 4993] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4992] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4991] <... close resumed>) = 0 [pid 4995] lstat("./0/file0", [pid 4994] rmdir("./0" [pid 4991] rmdir("./0" [pid 5004] chdir("./1" [pid 4995] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4994] <... rmdir resumed>) = 0 [pid 4993] lstat("./0/file0", [pid 4992] lstat("./0/file0", [pid 4991] <... rmdir resumed>) = 0 [pid 4995] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4994] mkdir("./1", 0777 [pid 4993] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4991] mkdir("./1", 0777 [pid 4992] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] <... chdir resumed>) = 0 [pid 4995] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4994] <... mkdir resumed>) = 0 [pid 4993] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4992] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 4991] <... mkdir resumed>) = 0 [pid 5004] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4995] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4994] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 4991] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5004] <... prctl resumed>) = 0 [pid 4995] <... openat resumed>) = 4 [pid 4994] <... openat resumed>) = 3 [pid 4993] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4992] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] setpgid(0, 0 [pid 4995] fstat(4, [pid 4994] ioctl(3, LOOP_CLR_FD [pid 4993] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4992] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... setpgid resumed>) = 0 [pid 4994] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4994] close(3 [pid 5004] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4994] <... close resumed>) = 0 [pid 4995] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4994] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] <... openat resumed>) = 3 [pid 4995] getdents64(4, [pid 4993] <... openat resumed>) = 4 [pid 4992] <... openat resumed>) = 4 [pid 4995] <... getdents64 resumed>0x555555afc660 /* 2 entries */, 32768) = 48 [pid 4994] <... clone resumed>, child_tidptr=0x555555af35d0) = 5005 [pid 4993] fstat(4, [pid 5004] write(3, "1000", 4 [pid 4992] fstat(4, [pid 5004] <... write resumed>) = 4 [pid 4995] getdents64(4, [pid 4993] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 4992] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] close(3 [pid 4995] <... getdents64 resumed>0x555555afc660 /* 0 entries */, 32768) = 0 [pid 4993] getdents64(4, [pid 4992] getdents64(4, [pid 5004] <... close resumed>) = 0 [pid 4995] close(4 [pid 4993] <... getdents64 resumed>0x555555afc660 /* 2 entries */, 32768) = 48 [pid 4992] <... getdents64 resumed>0x555555afc660 /* 2 entries */, 32768) = 48 [pid 5004] symlink("/dev/binderfs", "./binderfs" [pid 4995] <... close resumed>) = 0 [pid 4993] getdents64(4, [pid 4992] getdents64(4, ./strace-static-x86_64: Process 5005 attached [pid 4993] <... getdents64 resumed>0x555555afc660 /* 0 entries */, 32768) = 0 [pid 4992] <... getdents64 resumed>0x555555afc660 /* 0 entries */, 32768) = 0 [pid 4995] rmdir("./0/file0" [pid 5005] chdir("./1") = 0 [pid 5005] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5005] setpgid(0, 0) = 0 [pid 5005] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5004] <... symlink resumed>) = 0 [pid 4993] close(4 [pid 4992] close(4 [pid 5005] write(3, "1000", 4) = 4 [pid 4995] <... rmdir resumed>) = 0 [pid 4993] <... close resumed>) = 0 [pid 4992] <... close resumed>) = 0 [pid 5005] close(3 [pid 4995] getdents64(3, [pid 4993] rmdir("./0/file0" [pid 4992] rmdir("./0/file0" [pid 5004] memfd_create("syzkaller", 0 [pid 4995] <... getdents64 resumed>0x555555af4620 /* 0 entries */, 32768) = 0 [pid 5005] <... close resumed>) = 0 [pid 5005] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5004] <... memfd_create resumed>) = 3 [pid 4995] close(3 [pid 4993] <... rmdir resumed>) = 0 [pid 4992] <... rmdir resumed>) = 0 [pid 5005] memfd_create("syzkaller", 0 [pid 5004] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 4995] <... close resumed>) = 0 [pid 4993] getdents64(3, [pid 4992] getdents64(3, [pid 5005] <... memfd_create resumed>) = 3 [pid 5004] <... mmap resumed>) = 0x7f197117a000 [pid 4995] rmdir("./0" [pid 4993] <... getdents64 resumed>0x555555af4620 /* 0 entries */, 32768) = 0 [pid 4992] <... getdents64 resumed>0x555555af4620 /* 0 entries */, 32768) = 0 [pid 5005] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f197117a000 [pid 4995] <... rmdir resumed>) = 0 [pid 4993] close(3 [pid 4992] close(3 [pid 5005] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5004] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 4995] mkdir("./1", 0777 [pid 4993] <... close resumed>) = 0 [pid 4992] <... close resumed>) = 0 [pid 4995] <... mkdir resumed>) = 0 [pid 4993] rmdir("./0" [pid 4992] rmdir("./0" [pid 4995] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 4993] <... rmdir resumed>) = 0 [pid 4993] mkdir("./1", 0777 [pid 4992] <... rmdir resumed>) = 0 [pid 4995] <... openat resumed>) = 3 [pid 4995] ioctl(3, LOOP_CLR_FD [pid 4993] <... mkdir resumed>) = 0 [pid 4992] mkdir("./1", 0777 [pid 4995] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4993] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 4995] close(3 [pid 4992] <... mkdir resumed>) = 0 [pid 4993] <... openat resumed>) = 3 [pid 4995] <... close resumed>) = 0 [pid 4992] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 4993] ioctl(3, LOOP_CLR_FD [pid 4995] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4992] <... openat resumed>) = 3 [pid 4993] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 4992] ioctl(3, LOOP_CLR_FD [pid 4995] <... clone resumed>, child_tidptr=0x555555af35d0) = 5006 [pid 4993] close(3 [pid 4992] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] <... write resumed>) = 524288 [pid 4993] <... close resumed>) = 0 [pid 4992] close(3 [pid 4993] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4992] <... close resumed>) = 0 [pid 5005] munmap(0x7f197117a000, 524288 [pid 4992] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4993] <... clone resumed>, child_tidptr=0x555555af35d0) = 5007 [pid 5005] <... munmap resumed>) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5005] ioctl(4, LOOP_SET_FD, 3 [pid 4992] <... clone resumed>, child_tidptr=0x555555af35d0) = 5008 [ 72.473770][ T26] audit: type=1400 audit(1686651414.816:90): avc: denied { unmount } for pid=4990 comm="syz-executor134" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 ./strace-static-x86_64: Process 5006 attached [pid 5004] <... write resumed>) = 524288 [pid 4991] <... openat resumed>) = 3 [pid 4991] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5006] chdir("./1" [pid 4991] close(3 [pid 5006] <... chdir resumed>) = 0 [pid 4991] <... close resumed>) = 0 [pid 4991] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5008 attached ) = 0 [pid 4991] <... clone resumed>, child_tidptr=0x555555af35d0) = 5009 [pid 5006] setpgid(0, 0 [pid 5008] chdir("./1" [pid 5006] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5007 attached [pid 5006] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] <... chdir resumed>) = 0 [pid 5007] chdir("./1") = 0 [pid 5007] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5007] <... prctl resumed>) = 0 [pid 5006] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5009 attached [pid 5008] <... prctl resumed>) = 0 [pid 5007] setpgid(0, 0 [pid 5006] write(3, "1000", 4 [pid 5009] chdir("./1" [pid 5008] setpgid(0, 0 [pid 5007] <... setpgid resumed>) = 0 [pid 5006] <... write resumed>) = 4 [pid 5004] munmap(0x7f197117a000, 524288 [pid 5009] <... chdir resumed>) = 0 [pid 5008] <... setpgid resumed>) = 0 [pid 5007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5006] close(3 [pid 5009] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5007] <... openat resumed>) = 3 [pid 5006] <... close resumed>) = 0 [pid 5009] <... prctl resumed>) = 0 [pid 5008] <... openat resumed>) = 3 [pid 5007] write(3, "1000", 4 [pid 5006] symlink("/dev/binderfs", "./binderfs" [pid 5009] setpgid(0, 0 [pid 5007] <... write resumed>) = 4 [pid 5004] <... munmap resumed>) = 0 [pid 5009] <... setpgid resumed>) = 0 [pid 5008] write(3, "1000", 4 [pid 5007] close(3 [pid 5006] <... symlink resumed>) = 0 [pid 5009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] <... write resumed>) = 4 [pid 5007] <... close resumed>) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5009] <... openat resumed>) = 3 [pid 5008] close(3 [pid 5007] symlink("/dev/binderfs", "./binderfs" [pid 5006] memfd_create("syzkaller", 0 [pid 5004] <... openat resumed>) = 4 [pid 5009] write(3, "1000", 4 [pid 5008] <... close resumed>) = 0 [pid 5007] <... symlink resumed>) = 0 [pid 5006] <... memfd_create resumed>) = 3 [pid 5005] <... ioctl resumed>) = 0 [pid 5004] ioctl(4, LOOP_SET_FD, 3 [pid 5009] <... write resumed>) = 4 [pid 5008] symlink("/dev/binderfs", "./binderfs" [pid 5007] memfd_create("syzkaller", 0 [pid 5006] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5005] close(3 [pid 5009] close(3 [pid 5007] <... memfd_create resumed>) = 3 [pid 5005] <... close resumed>) = 0 [pid 5009] <... close resumed>) = 0 [pid 5007] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5005] mkdir("./file0", 0777 [pid 5009] symlink("/dev/binderfs", "./binderfs" [pid 5007] <... mmap resumed>) = 0x7f197117a000 [pid 5005] <... mkdir resumed>) = 0 [pid 5009] <... symlink resumed>) = 0 [pid 5008] <... symlink resumed>) = 0 [pid 5007] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5006] <... mmap resumed>) = 0x7f197117a000 [pid 5005] mount("/dev/loop4", "./file0", "hfsplus", 0, "" [pid 5004] <... ioctl resumed>) = 0 [pid 5009] memfd_create("syzkaller", 0 [pid 5008] memfd_create("syzkaller", 0 [pid 5007] <... write resumed>) = 524288 [pid 5006] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5004] close(3 [pid 5009] <... memfd_create resumed>) = 3 [pid 5005] <... mount resumed>) = 0 [pid 5009] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5005] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5009] <... mmap resumed>) = 0x7f197117a000 [pid 5005] <... openat resumed>) = 3 [pid 5009] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5005] ioctl(4, LOOP_CLR_FD [pid 5009] <... write resumed>) = 524288 [pid 5008] <... memfd_create resumed>) = 3 [pid 5005] <... ioctl resumed>) = 0 [pid 5007] munmap(0x7f197117a000, 524288 [pid 5005] close(4 [pid 5007] <... munmap resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop5", O_RDONLY) = 4 [pid 5007] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5006] <... write resumed>) = 524288 [pid 5005] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5008] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5007] <... openat resumed>) = 4 [pid 5006] munmap(0x7f197117a000, 524288 [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5004] <... close resumed>) = 0 [pid 5009] munmap(0x7f197117a000, 524288 [pid 5008] <... mmap resumed>) = 0x7f197117a000 [pid 5007] ioctl(4, LOOP_SET_FD, 3 [ 72.532282][ T5005] loop4: detected capacity change from 0 to 1024 [ 72.558419][ T5004] loop0: detected capacity change from 0 to 1024 [pid 5005] exit_group(0 [pid 5004] mkdir("./file0", 0777 [pid 5009] <... munmap resumed>) = 0 [pid 5008] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5006] <... munmap resumed>) = 0 [pid 5005] <... exit_group resumed>) = ? [pid 5009] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5005] +++ exited with 0 +++ [pid 5004] <... mkdir resumed>) = 0 [pid 5009] <... openat resumed>) = 4 [pid 5009] ioctl(4, LOOP_SET_FD, 3 [pid 4994] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5005, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5008] <... write resumed>) = 524288 [pid 5006] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5004] mount("/dev/loop0", "./file0", "hfsplus", 0, "" [pid 4994] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5006] <... openat resumed>) = 4 [pid 4994] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4994] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5008] munmap(0x7f197117a000, 524288 [pid 5006] ioctl(4, LOOP_SET_FD, 3 [pid 5004] <... mount resumed>) = 0 [pid 4994] <... openat resumed>) = 3 [pid 5004] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4994] fstat(3, [pid 5004] <... openat resumed>) = 3 [pid 4994] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5004] ioctl(4, LOOP_CLR_FD [pid 4994] getdents64(3, [pid 5004] <... ioctl resumed>) = 0 [pid 4994] <... getdents64 resumed>0x555555af4620 /* 4 entries */, 32768) = 112 [pid 5004] close(4 [pid 4994] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5004] <... close resumed>) = 0 [pid 4994] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5004] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 4994] lstat("./1/binderfs", [pid 5004] <... openat resumed>) = 4 [pid 4994] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5004] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 4994] unlink("./1/binderfs") = 0 [pid 4994] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5007] <... ioctl resumed>) = 0 [pid 5007] close(3) = 0 [pid 5007] mkdir("./file0", 0777) = 0 [ 72.609419][ T5007] loop3: detected capacity change from 0 to 1024 [ 72.621737][ T5009] loop1: detected capacity change from 0 to 1024 [ 72.634396][ T5006] loop5: detected capacity change from 0 to 1024 [pid 5007] mount("/dev/loop3", "./file0", "hfsplus", 0, "" [pid 5008] <... munmap resumed>) = 0 [pid 5006] <... ioctl resumed>) = 0 [pid 5009] <... ioctl resumed>) = 0 [pid 5008] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5006] close(3 [pid 5009] close(3 [pid 5006] <... close resumed>) = 0 [pid 5009] <... close resumed>) = 0 [pid 5008] <... openat resumed>) = 4 [pid 5009] mkdir("./file0", 0777) = 0 [pid 5009] mount("/dev/loop1", "./file0", "hfsplus", 0, "" [pid 5008] ioctl(4, LOOP_SET_FD, 3 [pid 5006] mkdir("./file0", 0777 [pid 4994] <... umount2 resumed>) = 0 [pid 5006] <... mkdir resumed>) = 0 [pid 5008] <... ioctl resumed>) = 0 [pid 5006] mount("/dev/loop5", "./file0", "hfsplus", 0, "" [pid 5008] close(3 [pid 4994] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5008] <... close resumed>) = 0 [pid 4994] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 4994] lstat("./1/file0", [pid 5009] <... mount resumed>) = 0 [pid 4994] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5008] mkdir("./file0", 0777 [pid 5009] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 4994] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5009] <... openat resumed>) = 3 [pid 4994] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5009] ioctl(4, LOOP_CLR_FD) = 0 [pid 4994] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5009] close(4 [pid 4994] <... openat resumed>) = 4 [pid 5009] <... close resumed>) = 0 [pid 4994] fstat(4, [pid 5009] openat(AT_FDCWD, "/dev/loop5", O_RDONLY) = 4 [pid 4994] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5009] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 4994] getdents64(4, 0x555555afc660 /* 2 entries */, 32768) = 48 [pid 4994] getdents64(4, 0x555555afc660 /* 0 entries */, 32768) = 0 [pid 4994] close(4) = 0 [pid 4994] rmdir("./1/file0"